Microsoft Azure Logic Apps
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Azure Logic Apps.
Recent Microsoft Azure Logic Apps Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-42823 | CVE-2026-42823 Azure Logic Apps Elevation of Privilege Vulnerability | May 12, 2026 |
| CVE-2026-32171 | CVE-2026-32171 Azure Logic Apps Elevation of Privilege Vulnerability | April 14, 2026 |
| CVE-2026-21227 | CVE-2026-21227 Azure Logic Apps Elevation of Privilege Vulnerability | January 22, 2026 |
By the Year
In 2026 there have been 3 vulnerabilities in Microsoft Azure Logic Apps with an average score of 9.0 out of ten. Azure Logic Apps did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 8.97 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.40 |
It may take a day or so for new Azure Logic Apps vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Azure Logic Apps Security Vulnerabilities
May 2026: Azure Logic Apps Elevation of Privilege Vulnerability
CVE-2026-42823
9.9 - Critical
- May 12, 2026
Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Authorization
Apr 2026: Azure Logic Apps Elevation of Privilege Vulnerability
CVE-2026-32171
8.8 - High
- April 14, 2026
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
Insufficiently Protected Credentials
Jan 2026: Azure Logic Apps Elevation of Privilege Vulnerability
CVE-2026-21227
8.2 - High
- January 22, 2026
Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.
Directory traversal
Power Platform Connector Spoofing Vulnerability CVE-2023-36019
CVE-2023-36019
7.4 - High
- December 12, 2023
Microsoft Power Platform Connector Spoofing Vulnerability
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Azure Logic Apps or by Microsoft? Click the Watch button to subscribe.
