36 matches found
EUVD-2026-34336
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-47644
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-47644
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-47644
The CVE-2026-47644 entry concerns Copilot Chat (Microsoft Edge) and describes an issue where improper neutralization of special elements in output used by a downstream component (\u2018injection\u2019) can lead to an information disclosure over the network. The vulnerability affects the output pa...
Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
PT-2026-46403
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-33111
Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
EUVD-2026-28449
Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-33111
Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-33111 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-33111 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-33111
CVE-2026-33111 affects Copilot Chat in Microsoft Edge. The issue is an improper neutralization of special elements used in a command (command injection) that could allow an unauthorized attacker to disclose information over a network. According to the documented metrics, this is a Network attack ...
CVE-2026-33111
Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
Microsoft Copilot Chat 命令注入漏洞
Microsoft Copilot Chat is an intelligent dialogue assistant feature integrated into the browser by Microsoft Corporation. Microsoft Copilot Chat has a command injection vulnerability, which stems from improper neutralization of special elements within commands. This vulnerability could allow...
PT-2026-38578
Name of the Vulnerable Software and Affected Versions Microsoft Edge Copilot Chat affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to disclose information over a network...
Microsoft Visual Studio Code CoPilot Chat Extension < 0.37.3 Information Disclosure (CVE-2026-23653)
The Microsoft Visual Studio Code CoPilot Chat Extension installed on the remote host is prior to 0.37.3. It is, therefore, affected by an information disclosure vulnerability: - A remote, authenticated attacker can exploit this vulnerability to disclose sensitive information. User interaction is...
Security Update for Microsoft Visual Studio Code CoPilot Chat Extension (November 2025)
The Microsoft Visual Studio Code CoPilot Chat Extension prior to version 0.32.5. It is, therefore, affected by multiple vulnerabilities. - This vulnerability is a command injection flaw in the Visual Studio Code Copilot Chat Extension, where improper handling of special characters in...
CVE-2025-62222
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...