A newly disclosed vulnerability (CVE-2026-32185) in Microsoft Teams for Android allows local attackers to perform spoofing attacks by exploiting improper file and directory access controls, potentially deceiving users into trusting malicious content. Although exploitation requires user interaction and is limited to local environments, the flaw poses a high impact on data confidentiality; Microsoft has released a patch urging users to update immediately to mitigate risks.
https://cybersecuritynews.com/microsoft-teams-vulnerability-spoofing/

