CVE-2026-42893

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...

CVE-2026-41614

CVE-2026-41614 concerns M365 Copilot for Desktop where improper access control enables a local attacker to spoof identities. The available documents identify the affected software (M365 Copilot for Desktop) and the impact as local spoofing due to insufficient access permissions, but do not provid...

CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability

...

CVE-2026-41614

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...

CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability

...

CVE-2026-41109

Technical details are not publicly available in the provided documents; monitor for updates.

CVE-2026-41109 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

CVE-2026-41109

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

CVE-2026-41109 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

EUVD-2026-29691

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

CVE-2026-41100

CVE-2026-41100 describes an improper access control vulnerability in Microsoft 365 Copilot (Android) that allows an authorized attacker to perform local spoofing. The NVD entries consistently flag local attack vector with low attack complexity and low privileges required, resulting in a CVSS v3.1...

CVE-2026-41100 Microsoft 365 Copilot for Android Spoofing Vulnerability

...

CVE-2026-41100 Microsoft 365 Copilot for Android Spoofing Vulnerability

...

CVE-2026-41100

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

Microsoft Outlook for iOS Tampering Vulnerability

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...

M365 Copilot for Desktop Spoofing Vulnerability

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...

Microsoft 365 Copilot for Android Spoofing Vulnerability

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

Microsoft GitHub Copilot and Visual Studio 注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are injection vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to bypass certain features...

Microsoft M365 Copilot 访问控制错误漏洞

Microsoft M365 Copilot is an AI-driven productivity tool developed by the American company Microsoft. There is a security access control vulnerability in Microsoft M365 Copilot. Attackers exploit this vulnerability to carry out phishing attacks...