4 matches found
CVE-2026-26137
CVE-2026-26137 is described as a server-side request forgery (SSRF) that affects Microsoft Exchange (and related Microsoft 365 Copilot/Business Chat contexts in linked sources). The available documents state that an authorized attacker can elevate privileges over a network, with the CVSS 3.1 scor...
KLA90945 PE vulnerability in Microsoft Server Software
An elevation of privilege vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-26137 Exploitation CVE list CVE-2026-26137 critical KB list Solution Install necessary updates from the KB section, that...
CVE-2025-53774
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability...
Microsoft 365 Copilot BizChat 命令注入漏洞
Microsoft 365 Copilot BizChat is an AI chat software from Microsoft Corporation USA. Microsoft 365 Copilot BizChat suffers from a command injection vulnerability that stems from improper neutralization of special elements used in commands. An attacker exploiting the vulnerability could gain acces...