// Alert

Microsoft 365 threat report

Microsoft disclosed CVE-2026-42835, an information disclosure vulnerability in Microsoft Teams for Android rated Important. The flaw allows authenticated attackers to read sensitive heap memory contents including authentication tokens via improper neutralization of special elements (CWE-74). Microsoft released a security update on June 9, 2026, available through the Google Play Store. No active exploitation has been observed.

// Get alerts for Microsoft 365