Azure Hdinsight CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-21529	1 Microsoft	2 Azure Hdinsight, Azure Hdinsights	2026-02-11	5.7 Medium
Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network.
CVE-2023-36877	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.5 Medium
Azure Apache Oozie Spoofing Vulnerability
CVE-2023-36881	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.5 Medium
Azure Apache Ambari Spoofing Vulnerability
CVE-2023-38156	1 Microsoft	1 Azure Hdinsight	2026-02-11	7.2 High
Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability
CVE-2023-36419	1 Microsoft	1 Azure Hdinsight	2026-02-11	8.8 High
Azure HDInsight Apache Oozie Workflow Scheduler XXE Elevation of Privilege Vulnerability
CVE-2023-35394	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.6 Medium
Azure HDInsight Jupyter Notebook Spoofing Vulnerability
CVE-2023-23408	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.5 Medium
Azure Apache Ambari Spoofing Vulnerability
CVE-2023-38188	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.5 Medium
Azure Apache Hadoop Spoofing Vulnerability
CVE-2023-35393	1 Microsoft	1 Azure Hdinsight	2026-02-11	4.5 Medium
Azure Apache Hive Spoofing Vulnerability

Page 1 of 1.