What the vulnerability does
01Description
Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.
CVE-2026-33823
CRITICAL
CVE-2026-33823: Microsoft Team Events Portal Information Disclosure Vulnerability
CVSS base score
9.6/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
May 7, 2026
CVE published
June 9, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-10980 JeecgBoot exportXls improper authorization
CVE-2022-2675 Unitree Go 1 "Robot Dog" Unauthenticated Remote Power Down
CVE-2024-39419 A user without ship permissions can ship the orders
CVE-2026-2077 yeqifu warehouse Role Management RoleController.java deleteRole improper authorization
CVE-2016-9464
