🟠 High | Source: Microsoft Security Response Center
CVE-2026-58253 is an authentication bypass vulnerability in the NATS Server Route API, which could allow an unauthenticated attacker to interact with internal cluster routing endpoints. NATS is a messaging system used in cloud-native and microservices architectures, including those hosted on Azure. If exploited, this flaw could enable unauthorised access to sensitive message traffic or cluster manipulation.
Security Architect’s Take: Audit any Azure-hosted workloads running NATS Server and apply vendor patches immediately; additionally, ensure NATS route ports (typically 6222) are not exposed beyond trusted internal network segments using NSGs or private endpoints.
Original advisory: CVE-2026-58253 NATS Server: Route API Auth Bypass