Jan 2026: Azure Core shared client library for Python Remote Code Execution Vulnerability
CVE-2026-21226 Published on January 13, 2026
Azure Core shared client library for Python Remote Code Execution Vulnerability
Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2026-21226 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Products Associated with CVE-2026-21226
Want to know whenever a new CVE is published for Microsoft Azure Core Shared Client Library Python? stack.watch will email you.
Affected Versions
Microsoft Azure Core shared client library for Python:- Version 1.1.0 and below 1.38.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.