Lucene search
K

839 matches found

Cvelist
Cvelist
added yesterday7 views

CVE-2026-48561 Microsoft Copilot Remote Code Execution Vulnerability

...

9.6CVSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added yesterday12 views

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.8AI score0.00861EPSS
Exploits0
NVD
NVD
added 2 days ago5 views

CVE-2026-59515

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sergey AIWU ai-copilot-content-generator allows Blind SQL Injection.This issue affects AIWU: from n/a through = 1.5.4...

9.3CVSS0.0025EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 12:0 a.m.6 views

ALSA-2026:35831 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via...

9.6CVSS6AI score0.00478EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/03 12:31 a.m.9 views

EUVD-2026-41445

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 11:16 p.m.9 views

CVE-2026-41106

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS0.00531EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/02 10:18 p.m.7 views

CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability

...

9.3CVSS5.9AI score0.00531EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 10:18 p.m.24 views

CVE-2026-41106

Technical details for CVE-2026-41106 are not publicly available in the provided documents. Monitor for updates from vendors and security feeds.

9.3CVSS5.6AI score0.00531EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 10:18 p.m.38 views

CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability

...

9.3CVSS0.00531EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:18 p.m.5 views

CVE-2026-41106

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/07/02 2:0 p.m.11 views

Microsoft 365 Copilot Elevation of Privilege Vulnerability

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.6AI score0.00531EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55318

Name of the Vulnerable Software and Affected Versions M365 Copilot affected versions not specified Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate...

9.3CVSS6AI score0.00531EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2026/07/02 12:0 a.m.6 views

KLA91128 PE vulnerability in Microsoft Apps

Privilege escalation vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-41106 Exploitation Related products Microsoft-365 CVE list CVE-2026-41106 unknown Solution Install necessary updates from the KB section,...

9.3CVSS5.9AI score0.00531EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 9:16 p.m.8 views

CVE-2026-9132

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6.5CVSS0.00257EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 8:23 p.m.36 views

CVE-2026-9132 Missing authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository contents via the Copilot pull request diff summary endpoint

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6CVSS0.00257EPSS
Exploits0References4
CVE
CVE
added 2026/06/30 8:23 p.m.24 views

CVE-2026-9132

CVE-2026-9132 describes a missing authorization flaw in GitHub Enterprise Server where an authenticated user could read source code from private repositories via the Copilot pull request description diff summary endpoint. The vulnerability allowed a user with read access to at least one repositor...

6.5CVSS5.9AI score0.00257EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/30 8:23 p.m.7 views

EUVD-2026-40408

A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to read source code from private repositories they did not have access to. The Copilot pull request description diff summary endpoint accepted a cross-repository comparison range an...

6CVSS5.9AI score0.00257EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53989

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions prior to 3.21 Description An authenticated user can read source code from private repositories they are not authorized to access. The issue occurs because the Copilot pull request description diff summary...

6.5CVSS6AI score0.00257EPSS
Exploits0References10
NVD
NVD
added 2026/06/28 1:16 p.m.10 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/28 12:0 p.m.10 views

EUVD-2026-39992

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS5.1AI score0.00232EPSS
Exploits0References7
Rows per page
Query Builder