Lucene search
K

834 matches found

NVD
NVD
added yesterday5 views

CVE-2026-59515

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sergey AIWU ai-copilot-content-generator allows Blind SQL Injection.This issue affects AIWU: from n/a through = 1.5.4...

9.3CVSS0.004EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 12:0 a.m.4 views

ALSA-2026:35831 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...

9.6CVSS6AI score0.00478EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 12:31 a.m.9 views

EUVD-2026-41445

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 11:16 p.m.9 views

CVE-2026-41106

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS0.00531EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 10:18 p.m.38 views

CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability

...

9.3CVSS0.00531EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:18 p.m.5 views

CVE-2026-41106

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 10:18 p.m.24 views

CVE-2026-41106

Technical details for CVE-2026-41106 are not publicly available in the provided documents. Monitor for updates from vendors and security feeds.

9.3CVSS5.6AI score0.00531EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/07/02 10:18 p.m.6 views

CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability

...

9.3CVSS5.9AI score0.00531EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/07/02 2:0 p.m.11 views

Microsoft 365 Copilot Elevation of Privilege Vulnerability

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55318

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate...

9.3CVSS6AI score0.00531EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2026/07/02 12:0 a.m.6 views

KLA91128 PE vulnerability in Microsoft Apps

Privilege escalation vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-41106 Exploitation Related products Microsoft-365 CVE list CVE-2026-41106 unknown Solution Install necessary updates from the KB section,...

9.3CVSS5.9AI score0.00531EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 9:16 p.m.8 views

CVE-2026-9132

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6.5CVSS0.00257EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 8:23 p.m.36 views

CVE-2026-9132 Missing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpoint

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6CVSS0.00257EPSS
Exploits0References4
CVE
CVE
added 2026/06/30 8:23 p.m.24 views

CVE-2026-9132

CVE-2026-9132 describes a missing authorization flaw in GitHub Enterprise Server where an authenticated user could read source code from private repositories via the Copilot pull request description diff summary endpoint. The vulnerability allowed a user with read access to at least one repositor...

6.5CVSS5.9AI score0.00257EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/30 8:23 p.m.7 views

EUVD-2026-40408

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6CVSS5.9AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53989

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An authenticated user can read source code from private repositories they are not authorized to access. The issue occurs because the Copilot pull request description diff summary...

6.5CVSS6AI score0.00257EPSS
Exploits0References10
NVD
NVD
added 2026/06/28 1:16 p.m.10 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/28 12:0 p.m.10 views

EUVD-2026-39992

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/28 12:0 p.m.34 views

CVE-2026-13493 AIDC-AI ComfyUI-Copilot Workflow Checkpoint Restore conversation_api.py resource injection

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/28 12:0 p.m.9 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder