May 2026: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2026-42833 Published on May 12, 2026

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.

Vendor Advisory NVD

Weakness Type

Execution with Unnecessary Privileges

The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

Products Associated with CVE-2026-42833

Want to know whenever a new CVE is published for Microsoft Dynamics 365? stack.watch will email you.

Microsoft Dynamics 365

Affected Versions

Microsoft Dynamics 365 (on-premises) version 9.1:

Version 9.0 and below 9.1.44.15 is affected.

May 2026: Microsoft Dynamics 365 On-Premises Remote Code Execution VulnerabilityCVE-2026-42833 Published on May 12, 2026

Weakness Type

Execution with Unnecessary Privileges

Products Associated with CVE-2026-42833

Affected Versions

May 2026: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability
CVE-2026-42833 Published on May 12, 2026