CVE-2026-32173: Azure SRE Agent Gateway Exposes Live Command Streams via Unauthenticated WebSocket (CVSS 8.6)
GitHub Advisory Database·high signal
A multi-tenant authentication flaw in Azure SRE Agent's SignalR Hub allowed any Entra ID account holder to silently eavesdrop on real-time command streams, AI chat streams, internal LLM reasoning, tool calls, and credentials from other tenants. The CVSS 8.6 vulnerability required no authentication or user interaction to exploit remotely. Microsoft patched server-side — no customer action required.