Lucene search
K

24 matches found

CVE
CVE
added 2 days ago12 views

CVE-2026-58617

Technical details about CVE-2026-58617 are not publicly available in the provided documents. Monitor for updates from sources (Microsoft, NVD, CIRCL, EUVD, CVE Catalog) for affected components, impact, and fixes.

8.1CVSS6.1AI score0.00671EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 9:42 p.m.11 views

CVE-2026-54130

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.8CVSS5.3AI score0.00578EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.16 views

CVE-2026-42824

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.0764EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46401

Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot Enterprise affected versions not specified Description A critical vulnerability chain known as SearchLeak allows an unauthorized attacker to exfiltrate sensitive corporate data, including email contents, MFA codes, calend...

7.5CVSS6.2AI score0.0764EPSS
Exploits0References58
NVD
NVD
added 2026/05/22 11:16 p.m.14 views

CVE-2026-42827

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.00503EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 10:3 p.m.7 views

CVE-2026-42827

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00503EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/12 8:21 p.m.9 views

CVE-2026-26164

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00799EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.16 views

CVE-2026-41614

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...

6.2CVSS0.00363EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft M365 Copilot 命令注入漏洞

Microsoft M365 Copilot is an AI-driven productivity tool developed by the American company Microsoft. Microsoft M365 Copilot has a command injection vulnerability. Attackers can exploit this vulnerability to alter information...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.15 views

M365 Copilot Information Disclosure Vulnerability

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.01135EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.10 views

M365 Copilot Information Disclosure Vulnerability

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00799EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.14 views

PT-2026-38575

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description Improper neutralization of special elements in output used by a downstream component injection allows an unauthorized attacker to disclose information over a network. Recommendations At...

7.8CVSS5.8AI score0.00799EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.6 views

CVE-2026-24299

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

5.3CVSS5.8AI score0.00633EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/19 9:30 p.m.17 views

EUVD-2026-13178

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

5.3CVSS5.8AI score0.00633EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.14 views

PT-2026-26352

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description An improper neutralization of special elements used in a command 'command injection' exists in M365 Copilot. This allows an unauthorized attacker to disclose information over a network...

5.3CVSS5.8AI score0.00633EPSS
Exploits0References16
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2026-12111

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.8AI score0.00433EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/13 9:10 p.m.15 views

CVE-2026-26133

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.8AI score0.00433EPSS
Exploits0References2Affected Software20
RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.8 views

CVE-2026-24307

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network...

9.3CVSS5.3AI score0.00809EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.15 views

PT-2026-4313

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description An improper validation of a specified input type in M365 Copilot can allow an unauthorized attacker to disclose information over a network. Recommendations At the moment, there is no...

9.3CVSS5.2AI score0.00809EPSS
Exploits0References20
EUVD
EUVD
added 2025/10/03 8:7 p.m.30 views

EUVD-2025-18114

Malicious code in bioql PyPI...

9.3CVSS6.7AI score0.05776EPSS
Exploits1References2
Rows per page
Query Builder