🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-11856 is a cross-origin information disclosure vulnerability involving Digest authentication state leakage in an Azure-related component. It allows a malicious or compromised origin to observe or infer authentication state from another origin, potentially exposing credentials or session context without user awareness. This matters because cross-origin auth leaks can be leveraged to facilitate credential theft or session hijacking in multi-tenant or shared cloud environments.

Security Architect’s Take: Review any Azure-hosted applications or services relying on HTTP Digest authentication and assess exposure to cross-origin requests; consider migrating to more modern authentication mechanisms such as OAuth 2.0 or Azure AD-backed token auth, and apply Microsoft’s patch or mitigations as soon as they are available via the MSRC update guide.

Original advisory: CVE-2026-11856 cross-origin Digest auth state leak