[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-33105":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-07T03:11:39.412Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":88,"aliases":89,"duplicate_of":9,"upstream":90,"downstream":91,"duplicates":92,"related":93,"reserved_at":9,"published_at":94,"modified_at":95,"state":96,"summary":97,"references_raw":106,"kevs":114,"epss":115,"epss_history":118,"metrics":120,"affected":127},"CVE-2026-33105","Improper authorization in Microsoft Azure Kubernetes Service allows an unauthorized attacker to elevate privileges over a network.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-285","Improper Authorization","The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.","weakness","Draft","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64,68,72,76,80,84],{"id":21,"name":22,"techniques":23},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[],{"id":25,"name":26,"techniques":27},"CAPEC-104","Cross Zone Scripting",[],{"id":29,"name":30,"techniques":31},"CAPEC-127","Directory Indexing",[],{"id":33,"name":34,"techniques":35},"CAPEC-13","Subverting Environment Variable Values",[],{"id":37,"name":38,"techniques":39},"CAPEC-17","Using Malicious Files",[],{"id":41,"name":42,"techniques":43},"CAPEC-39","Manipulating Opaque Client-based Data Tokens",[],{"id":45,"name":46,"techniques":47},"CAPEC-402","Bypassing ATA Password Security",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-5","Blue Boxing",[],{"id":57,"name":58,"techniques":59},"CAPEC-51","Poison Web Service Registry",[],{"id":61,"name":62,"techniques":63},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":65,"name":66,"techniques":67},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[],{"id":69,"name":70,"techniques":71},"CAPEC-647","Collect Data from Registries",[],{"id":73,"name":74,"techniques":75},"CAPEC-668","Key Negotiation of Bluetooth Attack (KNOB)",[],{"id":77,"name":78,"techniques":79},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":81,"name":82,"techniques":83},"CAPEC-77","Manipulating User-Controlled Variables",[],{"id":85,"name":86,"techniques":87},"CAPEC-87","Forceful Browsing",[],[],[],[],[],[],[],"2026-04-02T23:26:59.400Z","2026-04-03T17:22:48.286Z","Awaiting Analysis",{"cisa_kev":98,"cisa_ransomware":98,"cisa_vendor":9,"epss_severity":99,"epss_score":100,"severity":101,"severity_score":102,"severity_version":103,"severity_source":104,"severity_vector":105,"severity_status":96},false,"low",0.00052,"critical",10,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C",[107],{"url":108,"sources":109,"tags":111},"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33105",[104,110],"nvd",[112,113],"Vendor Advisory","Patch",[],{"date":116,"score":100,"percentile":117},"2026-04-03",0.16545,[119],{"date":116,"score":100,"percentile":117},[121,124],{"source":104,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":122,"cvss_v4_0":9},{"baseScore":102,"baseSeverity":123,"vectorString":105,"impactScore":102,"exploitabilityScore":102},"CRITICAL",{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":125,"cvss_v4_0":9},{"baseScore":102,"baseSeverity":123,"vectorString":126,"impactScore":102,"exploitabilityScore":102},"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",[128],{"ecosystem":9,"name":129,"vendor":130,"product":131,"cpe_part":132,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":133},"Azure Kubernetes Service","microsoft","azure kubernetes service","a",[134],{"version":135,"is_range":98,"range_type":104,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"-"]