791 matches found
CVE-2026-47644
CVE-2026-47644 affects Copilot Chat in Microsoft Edge. The issue is an improper neutralization of special elements in output used by a downstream component ("injection"), enabling an unauthorized attacker to disclose information over a network. The vulnerability is documented across multiple sour...
CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-47644
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
...
CVE-2026-42824 M365 Copilot Information Disclosure Vulnerability
...
CVE-2026-45497 Microsoft M365 Copilot Remote Code Execution Vulnerability
...
CVE-2026-45497
CVE-2026-45497 affects Microsoft Copilot (M365 Copilot). According to the description, it involves improper neutralization of special elements in a command (command injection) that could allow an authorized attacker to execute code over a network. The connected documents do not provide concrete t...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
CVE-2026-45497 Microsoft M365 Copilot Remote Code Execution Vulnerability
...
CVE-2026-42824 M365 Copilot Information Disclosure Vulnerability
...
CVE-2026-42824
Technical details (affected products, root cause specifics, exploit vectors, and fixes) are not publicly available in the provided documents. Monitor official advisories for updates.
CVE-2026-42824
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Microsoft M365 Copilot Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
M365 Copilot Information Disclosure Vulnerability
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper neutralization of special elements in commands. This vulnerability could allow unauthorized attackers...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements in commands. This vulnerability could allow authorized attackers to execute code...
PT-2026-46402
Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot versions prior to June 2026 Description Improper neutralization of special elements used in a command allows an authorized attacker to execute code over a network. This issue, known as command injection, occurs when an...
PT-2026-46401
Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot Enterprise affected versions not specified Description Improper neutralization of special elements used in a command allows an unauthorized attacker to disclose sensitive information over a network. This issue, known as...
Microsoft Copilot Chat 注入漏洞
Microsoft Copilot Chat is an intelligent dialogue assistant feature integrated into the browser by Microsoft Corporation. Microsoft Copilot Chat has a injection vulnerability, which stems from improper neutralization of special elements in the output of downstream components. This vulnerability...