May 2026: Microsoft Authenticator Information Disclosure Vulnerability
CVE-2026-41615 Published on May 14, 2026
Microsoft Authenticator Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-41615 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-41615
stack.watch emails you whenever new vulnerabilities are published in Microsoft Authenticator or Microsoft Authenticator For Ios. Just hit a watch button to start following.
Affected Versions
Microsoft Authenticator for Android:- Version 6.0.0 and below 6.2605.2973 is affected.
- Version 6.0.0 and below 6.8.47 is affected.