Vulnerability Details CVE-2026-35428
Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.9%
CVSS Severity
CVSS v3 Score 9.6
Products affected by CVE-2026-35428
-
cpe:2.3:a:microsoft:azure_cloud_shell:-