Sep 232025 Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants Microsoft patched CVE-2025–55241 July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.
