Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Dynamics 365 Business Central 2024 Release Wave 2 | affected |
|
||||||
| Microsoft | Microsoft Dynamics 365 Business Central 2026 Release Wave 1 | affected |
|
||||||
| Microsoft | Microsoft Dynamics 365 Business Central Release Wave 1 2025 | affected |
|
||||||
| Microsoft | Microsoft Dynamics 365 Business Central Release Wave 2 2025 | affected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Dynamics 365 Business Central 2024 Wave 1 | 83% |
|
||||||||
| Microsoft | Dynamics 365 Business Central 2024 Wave 2 | 85% |
|
||||||||
| Microsoft | Dynamics 365 Business Central 2025 Wave 1 | 100% |
|
||||||||
| Microsoft | Dynamics 365 Business Central 2025 Wave 2 | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 13 May 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 13 May 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Microsoft dynamics 365 Business Central 2024 Wave 1
Microsoft dynamics 365 Business Central 2024 Wave 2 Microsoft dynamics 365 Business Central 2025 Wave 1 Microsoft dynamics 365 Business Central 2025 Wave 2 |
|
| Vendors & Products |
Microsoft dynamics 365 Business Central 2024 Wave 1
Microsoft dynamics 365 Business Central 2024 Wave 2 Microsoft dynamics 365 Business Central 2025 Wave 1 Microsoft dynamics 365 Business Central 2025 Wave 2 |
Tue, 12 May 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Weak authentication in Dynamics Business Central allows an authorized attacker to elevate privileges locally. | |
| Title | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability | |
| First Time appeared |
Microsoft
Microsoft dynamics 365 Business Central 2024 Microsoft dynamics 365 Business Central 2025 Microsoft dynamics 365 Business Central 2026 |
|
| Weaknesses | CWE-1390 | |
| CPEs | cpe:2.3:a:microsoft:dynamics_365_business_central_2024:*:release_wave_2:*:*:*:*:*:* cpe:2.3:a:microsoft:dynamics_365_business_central_2025:*:release_wave_1:*:*:*:*:*:* cpe:2.3:a:microsoft:dynamics_365_business_central_2025:*:release_wave_2:*:*:*:*:*:* cpe:2.3:a:microsoft:dynamics_365_business_central_2026:*:release_wave_1:*:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft dynamics 365 Business Central 2024 Microsoft dynamics 365 Business Central 2025 Microsoft dynamics 365 Business Central 2026 |
|
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
MITRE
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-05-15T17:12:38.438Z
Reserved: 2026-04-13T00:27:50.798Z
Link: CVE-2026-40417
Vulnrichment
Updated: 2026-05-13T10:00:54.242Z
NVD
Status : Awaiting Analysis
Published: 2026-05-12T18:17:19.817
Modified: 2026-05-13T15:34:52.573
Link: CVE-2026-40417
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-05-13T10:38:06Z