Medium

Information Disclosure in Azure Compute Gallery / Microsoft ACI Confidential Containers

Identifiers: CVE-2026-23655, CWE-312 · Cleartext Storage of Sensitive…

CVE-2026-23655 is a Critical information disclosure vulnerability affecting Azure Compute Gallery, also described in the provided sources as Microsoft ACI Confidential Containers. The issue is caused by cleartext storage of sensitive information, allowing an authorized attacker to disclose that information over a network. Based on the provided content, the core weakness is that sensitive data is stored without adequate protection at rest, enabling retrieval and exposure by an attacker who already has authorized access to the affected environment or service. No specific vulnerable function, code path, or storage component is identified in the supplied material.


ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation allows disclosure of sensitive information stored by the affected Azure Compute Gallery / Microsoft ACI Confidential Containers component. Because the weakness involves cleartext storage, an authorized attacker may retrieve secrets or other sensitive data over the network, potentially exposing confidential workload, configuration, or service-related information. The provided content does not indicate direct code execution or privilege escalation from this CVE alone.

Mitigation

If you can’t patch tonight, do this now.

The provided content does not describe a specific vendor mitigation or workaround for CVE-2026-23655. In the absence of a documented workaround, reduce exposure by limiting authorized access to the affected Azure Compute Gallery / ACI Confidential Containers environment, restricting network access paths, minimizing storage of sensitive material in the affected component where possible, and monitoring for unauthorized retrieval of secrets or configuration data until patches are fully deployed.

Remediation

Patch, then assume compromise.

Apply Microsoft's February 2026 security updates for all supported affected product versions. The provided sources state that Microsoft released patches for supported versions and recommends prompt installation of the relevant security update. Where normal update channels fail, obtain the applicable update from the Microsoft Update Catalog or the relevant Microsoft servicing channel for the affected Azure component.

PUBLIC EXPLOITS

Exploits

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

| Vendor | Product | Type |
| --- | --- | --- |
| Microsoft Corporation | Azure Compute Gallery | application |
| Microsoft Corporation | Azure Container Instances (Aci) Confidential Containers | application |
| Microsoft Corporation | Confidential Sidecar Containers | application |
| Microsoft Corporation | Microsoft Aci Confidential Containers | application |

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
