CVE-2026-40412

10.0 CRITICAL

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network

Published: 2026-05-22 · Last updated: 2026-05-27

Severity and scoring

Vendor	Product
microsoft	azure_orbital_spatio

Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

Source: NVD

Same vendor

CVE-2026-50507 — Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack (6.8 MEDIUM)
CVE-2026-49160 — Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network (7.5 HIGH)
CVE-2026-48583 — Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally (7.8 HIGH)
CVE-2026-48578 — Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally (7.9 HIGH)
CVE-2026-48576 — Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally (7.9 HIGH)

Same CWE

CVE-2026-9067 — The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload ... (9.1 CRITICAL)
CVE-2026-36722 — An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute ... (5.4 MEDIUM)
CVE-2025-40808 — A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85... (6.1 MEDIUM)
CVE-2026-34031 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer (6.5 MEDIUM)
CVE-2026-33582 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer (6.5 MEDIUM)