CVE-2025-53767 CRITICAL

CVE-2025-53767: Azure OpenAI Elevation of Privilege Vulnerability

Vendor Microsoft
Product Azure Open AI
Weakness CWE-918 · SSRF
Published August 7, 2025
Last update February 26, 2026
View on NVD All CVEs

CVSS base score

10.0/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C

What the vulnerability does

01Description

Azure OpenAI Elevation of Privilege Vulnerability

Key dates

02Disclosure timeline

August 7, 2025 CVE published
February 26, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-12392 Server-Side Request Forgery (SSRF) in binary-husky/gpt_academic CVE-2026-1313 MimeTypes Link Icons <= 3.2.20 - Authenticated (Contributor+) Server-Side Request Forgery via Crafted Links in Post Content CVE-2024-29736 Apache CXF: SSRF vulnerability via WADL stylesheet parameter CVE-2026-40280 Gotenberg SSRF via case-insensitive URL scheme bypass in webhook and downloadFrom deny-lists CVE-2024-5917 PAN-OS: Server-Side Request Forgery in WildFire