{"uuid": "bc4a7e9b-0c3b-4e12-99f1-4dc0ec9941c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-41615", "type": "seen", "source": "https://bsky.app/profile/smallbizcyberguy.bsky.social/post/3mmbk7nx6p72x", "content": "Microsoft Authenticator CVE-2026-41615, CVSS 9.6 critical. The CVE entry calls it information disclosure. It is an MFA bypass. One phished tap leaks a work account sign-in token. Patch the app today.\n\nhttps://thesmallbusinesscybersecurityguy.co.uk/blog/microsoft-authenticator-token-theft-uk-smb-2026", "creation_timestamp": "2026-05-20T09:01:41.508111Z"}