94 matches found
CVE-2026-42824
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
CVE-2026-45497
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...
CVE-2026-42824 M365 Copilot Information Disclosure Vulnerability
...
CVE-2026-42824
Technical details (affected products, root cause specifics, exploit vectors, and fixes) are not publicly available in the provided documents. Monitor official advisories for updates.
M365 Copilot Information Disclosure Vulnerability
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
PT-2026-46402
Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot versions prior to June 2026 Description Improper neutralization of special elements used in a command allows an authorized attacker to execute code over a network. This issue, known as command injection, occurs when an...
CVE-2026-41090
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-41090
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-41090 Microsoft Copilot Tampering Vulnerability
...
CVE-2026-41090 Microsoft Copilot Tampering Vulnerability
...
CVE-2026-41090
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-41090
CVE-2026-41090 affects Microsoft Copilot. The vulnerability arises from improper neutralization of elements used in a command (command injection) that enables tampering over a network. The CVSS‑3.1 vector indicates network attack, high confidentiality and integrity impact, no availability impact,...
EUVD-2026-31512
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-42827 M365 Copilot Information Disclosure Vulnerability
...
PT-2026-42846
Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...
M365 Copilot Information Disclosure Vulnerability
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Microsoft Copilot Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...