May 2026: Microsoft Partner Center Spoofing Vulnerability
CVE-2026-34327 Published on May 7, 2026

Microsoft Partner Center Spoofing Vulnerability
Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network.

Vendor Advisory NVD

Weakness Type

Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.


Products Associated with CVE-2026-34327

Want to know whenever a new CVE is published for Microsoft Partner Center? stack.watch will email you.

 

Affected Versions

Microsoft Partner Center Version - is affected by CVE-2026-34327

Exploit Probability

EPSS
0.64%
Percentile
45.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.