PT-2026-7411 · Microsoft · Azure Ai Language Authoring
Muhammad Fadilullah Dzaki
·
Published
2026-02-10
·
Updated
2026-02-26
·
CVE-2026-21531
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Azure AI Language Authoring SDK version 1.0.0
Description
A flaw exists in the Azure AI Language Authoring SDK that allows an unauthorized attacker to execute code over a network. This is due to the deserialization of untrusted data. The issue is categorized as a remote code execution condition.
Recommendations
Restrict access to the Azure AI Language Authoring SDK version 1.0.0.
Monitor systems utilizing the Azure AI Language Authoring SDK version 1.0.0 for suspicious activity.
Fix
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Azure Ai Language Authoring