May 2026: Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
CVE-2026-42830 Published on May 12, 2026
Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
Weakness Type
What is an Untrusted Path Vulnerability?
The application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
CVE-2026-42830 has been classified to as an Untrusted Path vulnerability or weakness.
Products Associated with CVE-2026-42830
Want to know whenever a new CVE is published for Microsoft Azure Monitor Agent Metrics Extension? stack.watch will email you.
Affected Versions
Microsoft Azure Monitor Agent Metrics Extension:- Version 1.0.0 and below 1.42.0 is affected.