Microsoft Azure Stack Edge
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Azure Stack Edge.
Recent Microsoft Azure Stack Edge Security Advisories
| Advisory | Title | Published |
|---|---|---|
| CVE-2026-41098 | CVE-2026-41098 Azure Stack Edge Spoofing Vulnerability | June 9, 2026 |
| CVE-2026-47643 | CVE-2026-47643 Azure Stack Edge Remote Code Execution Vulnerability | June 9, 2026 |
By the Year
In 2026 there have been 2 vulnerabilities in Microsoft Azure Stack Edge with an average score of 9.1 out of ten. Azure Stack Edge did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 9.10 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.20 |
| 2022 | 1 | 10.00 |
It may take a day or so for new Azure Stack Edge vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Azure Stack Edge Security Vulnerabilities
Jun 2026: Azure Stack Edge Remote Code Execution Vulnerability
CVE-2026-47643
9.8 - Critical
- June 09, 2026
External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network.
External Control of File Name or Path
Jun 2026: Azure Stack Edge Spoofing Vulnerability
CVE-2026-41098
8.4 - High
- June 09, 2026
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
XSS
Azure Data Box Gateway RCE via Transfer Endpoint
CVE-2023-21703
7.2 - High
- February 14, 2023
Azure Data Box Gateway Remote Code Execution Vulnerability
Azure Arc K8s Cluster Connect Privilege Escalation
CVE-2022-37968
10 - Critical
- October 11, 2022
Microsoft has identified a vulnerability affecting the cluster connect feature of Azure Arc-enabled Kubernetes clusters. This vulnerability could allow an unauthenticated user to elevate their privileges and potentially gain administrative control over the Kubernetes cluster. Additionally, because Azure Stack Edge allows customers to deploy Kubernetes workloads on their devices via Azure Arc, Azure Stack Edge devices are also vulnerable to this vulnerability.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Azure Stack Edge or by Microsoft? Click the Watch button to subscribe.
