Lucene search
K

824 matches found

The Hacker News
The Hacker News
added 2026/01/15 3:9 p.m.8 views

Researchers Reveal Reprompt Attack Allowing Single-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have disclosed details of a new attack method dubbed Reprompt that could allow bad actors to exfiltrate sensitive data from artificial intelligence AI chatbots like Microsoft Copilot in a single click, while bypassing enterprise security controls entirely. "Only a single...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/15 1:16 p.m.12 views

“Reprompt” attack lets attackers steal data from Microsoft Copilot

Researchers found a method to steal data which bypasses Microsoft Copilot's built-in safety mechanisms. The attack flow, called Reprompt , abuses how Microsoft Copilot handled URL parameters in order to hijack a user’s existing Copilot Personal session. Copilot is an AI assistant which connects t...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/01 4:26 p.m.11 views

CVE-2025-62116

Missing Authorization vulnerability in quadlayers AI Copilot ai-copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through = 1.5.5...

5.3CVSS5.7AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 4:15 p.m.8 views

CVE-2025-62116

Missing Authorization vulnerability in quadlayers AI Copilot ai-copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through = 1.5.2...

5.3CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 3:39 p.m.3 views

CVE-2025-62116 WordPress AI Copilot plugin <= 1.4.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Quadlayers AI Copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through 1.4.7...

5.3CVSS6.6AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 3:39 p.m.10 views

CVE-2025-62116

CVE-2025-62116 is described in the initial document as a Missing Authorization vulnerability in the QuadLayers AI Copilot (WordPress plugin), affecting versions from unknown up to and including 1.4.7. The connected Wordfence document substantively corroborates that AI Copilot is affected by a Mis...

5.3CVSS5.1AI score0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 3:39 p.m.4 views

EUVD-2025-205998

Missing Authorization vulnerability in Quadlayers AI Copilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Copilot: from n/a through 1.4.7...

5.3CVSS6.5AI score0.0018EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/31 3:28 p.m.9 views

WordPress AI Copilot plugin <= 1.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin AI Copilot versions = 1.5.0...

5.3CVSS5.2AI score0.0018EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.5 views

WordPress plugin AI Copilot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.4AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54363

Name of the Vulnerable Software and Affected Versions Quadlayers AI Copilot versions through 1.4.7 Description An authorization issue exists in Quadlayers AI Copilot. The problem stems from incorrectly configured access control security levels, potentially allowing unauthorized access...

5.3CVSS6.5AI score0.0018EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/12/19 5:22 p.m.7 views

CVE-2025-62998

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through = 1.2.7...

5CVSS5.9AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 5:15 p.m.6 views

CVE-2025-62998

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through = 1.2.7...

5CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 4:49 p.m.9 views

CVE-2025-62998

CVE-2025-62998 pertains to the WP AI CoPilot plugin for WordPress. The Wordfence Intelligence entry notes a Sensitive Information Exposure vulnerability in WP AI CoPilot

5CVSS5.9AI score0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 4:49 p.m.28 views

CVE-2025-62998 WordPress WP AI CoPilot plugin <= 1.2.7 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through = 1.2.7...

5CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 4:49 p.m.4 views

CVE-2025-62998 WordPress WP AI CoPilot plugin <= 1.2.7 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot ai-co-pilot-for-wp allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through = 1.2.7...

5CVSS5.9AI score0.0018EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/12/18 11:30 a.m.5 views

The Case for Dynamic AI-SaaS Security as Copilots Scale

Within the past year, artificial intelligence copilots and agents have quietly permeated the SaaS applications businesses use every day. Tools like Zoom, Slack, Microsoft 365, Salesforce, and ServiceNow now come with built-in AI assistants or agent-like features. Virtually every major SaaS vendor...

7AI score
Exploits0
CNNVD
CNNVD
added 2025/12/18 12:0 a.m.5 views

WordPress plugin WP AI CoPilot 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

5CVSS6.2AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.7 views

PT-2025-52272

Insertion of Sensitive Information Into Sent Data vulnerability in WP Messiah WP AI CoPilot allows Retrieve Embedded Sensitive Data.This issue affects WP AI CoPilot: from n/a through 1.2.7...

5CVSS6.9AI score0.0018EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/12/18 12:0 a.m.23 views

A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection

As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...

7.2AI score
Exploits0
CNVD
CNVD
added 2025/12/12 12:0 a.m.3 views

WordPress Plugin WP AI CoPilot Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin WP AI CoPilot, which...

4.3CVSS6AI score0.00215EPSS
Exploits0References1
Rows per page
Query Builder