{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-13T16:15:26.988","vulnerabilities":[{"cve":{"id":"CVE-2026-31957","sourceIdentifier":"security-advisories@github.com","published":"2026-03-11T20:16:16.447","lastModified":"2026-03-16T19:39:37.913","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentication is not tenant-scoped. In this mode, Himmelblau can accept authentication attempts for arbitrary Entra ID domains by dynamically registering providers at runtime. This behavior is intended for initial/local bootstrap scenarios, but it can create risk in remote authentication environments. This vulnerability is fixed in 3.1.0."},{"lang":"es","value":"Himmelblau es una suite de interoperabilidad para Microsoft Azure Entra ID e Intune. Desde 3.0.0 hasta antes de 3.1.0, si Himmelblau se despliega sin un dominio de inquilino configurado en himmelblau.conf, la autenticación no está limitada al inquilino. En este modo, Himmelblau puede aceptar intentos de autenticación para dominios arbitrarios de Entra ID mediante el registro dinámico de proveedores en tiempo de ejecución. Este comportamiento está previsto para escenarios de arranque inicial/local, pero puede crear riesgo en entornos de autenticación remota. Esta vulnerabilidad se corrige en 3.1.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:himmelblau-idm:himmelblau:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.0","matchCriteriaId":"03DC7586-C1E4-47BF-A6D8-90F50C540210"}]}]}],"references":[{"url":"https://github.com/himmelblau-idm/himmelblau/security/advisories/GHSA-q746-m2wv-qh4v","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}}]}