Lucene search
+L

119 matches found

Microsoft Secure
Microsoft Secure
added 2025/08/12 4:0 p.m.9 views

Dow’s 125-year legacy: Innovating with AI to secure a long future

Founded more than 125 years ago, Dow has demonstrated a commitment to leveraging science to make the world a better place. Today, Dow’s ambition to be the most innovative, inclusive, and sustainable materials science company is supported by a global security team dedicated to keeping employees,...

6.6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/07 9:1 p.m.2 views

CVE-2025-53787 Microsoft 365 Copilot BizChat Information Disclosure Vulnerability

...

8.2CVSS6.4AI score0.00688EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/07 12:0 a.m.3 views

Microsoft 365 Copilot BizChat 命令注入漏洞

Microsoft 365 Copilot BizChat is an AI chat software from Microsoft Corporation USA. Microsoft 365 Copilot BizChat suffers from a command injection vulnerability that stems from improper neutralization of special elements used in commands. An attacker exploiting the vulnerability could gain acces...

8.2CVSS7.3AI score0.00688EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/13 12:0 a.m.9 views

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant, related to the lack of data cleaning at the management level, allows a perpetrator to disclose protected information.

The vulnerability of Microsoft 365 Copilot’s intelligent virtual assistant is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

9.3CVSS5.9AI score0.05776EPSS
Exploits1References3
HackRead
HackRead
added 2025/06/12 12:53 p.m.16 views

EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data

Aim Labs uncovers EchoLeak, a zero-click AI flaw in Microsoft 365 Copilot that allows data theft via email. Learn how this vulnerability enables sensitive information exfiltration without user interaction and its implications for AI security...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2025/06/11 12:0 a.m.38 views

Microsoft M365 Copilot 命令注入漏洞

Microsoft M365 Copilot is an AI-powered productivity tool from Microsoft Corporation USA. Microsoft M365 Copilot suffers from a command injection vulnerability that stems from command injection and could lead to information disclosure over the network...

9.3CVSS6.9AI score0.05776EPSS
Exploits1References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/20 5:37 a.m.25 views

Bypass SharePoint Restricted View to exfiltrate data using Copilot AI and more…

TL;DR Restricted View allows users to read files, but not copy, download or print them Attackers will look for ways to circumvent these controls Traditional workarounds include manual transcription, screenshots, and photos OCR tools can extract text from screenshots Microsoft Copilot can read fil...

6AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/26 7:43 p.m.35 views

CVE-2024-49038 Microsoft Copilot Studio Elevation Of Privilege Vulnerability

...

9.3CVSS7AI score0.00972EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/26 12:0 a.m.3 views

Microsoft Copilot Studio 跨站脚本漏洞

Microsoft Copilot Studio is an artificial intelligence chatbot from Microsoft Corporation USA. A cross-site scripting vulnerability exists in Microsoft Copilot Studio that stems from improper input neutralization during web page generation, resulting in elevation of privilege over the network...

9.6CVSS8.6AI score0.00972EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2024/11/26 12:0 a.m.21 views

KLA77602 PE vulnerability in Microsoft Office

An elevation of privilege vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2024-49038 Related products Microsoft-Copilot-Studio CVE list CVE-2024-49038 critical Solution Install necessary updates from the KB...

9.6CVSS9.8AI score0.00972EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/10/08 12:0 a.m.5 views

Microsoft Copilot Studio 信息泄露漏洞

Microsoft Copilot Studio is an artificial intelligence chatbot from Microsoft Corporation USA. An information disclosure vulnerability exists in Microsoft Copilot Studio. An attacker exploiting this vulnerability could gain access to sensitive information. No information about this vulnerability ...

7.5CVSS6AI score0.0099EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/08/27 6:9 a.m.29 views

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not...

8.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.9 views

PT-2024-7988

Name of the Vulnerable Software and Affected Versions Microsoft Copilot Studio affected versions not specified Description The issue is related to the exposure of sensitive information to unauthorized actors in Microsoft Copilot Studio. This allows an unauthenticated attacker to view sensitive...

7.8CVSS7.2AI score0.0099EPSS
Exploits0References10
NVD
NVD
added 2024/08/06 10:15 p.m.59 views

CVE-2024-38206

An authenticated attacker can bypass Server-Side Request Forgery SSRF protection in Microsoft Copilot Studio to leak sensitive information over a network...

8.5CVSS0.12341EPSS
Exploits0References1
CVE
CVE
added 2024/08/06 9:38 p.m.95 views

CVE-2024-38206

Microsoft Copilot Studio contains CVE-2024-38206: an authenticated attacker can bypass SSRF protections to leak sensitive information over the network. Affected product: Microsoft Copilot Studio. Root cause per the entry is insufficient validation allowing SSRF bypass. Impact is information discl...

8.5CVSS6.3AI score0.12341EPSS
Exploits0References1Affected Software1
Kaspersky
Kaspersky
added 2024/08/06 12:0 a.m.22 views

KLA71412 OSI vulnerability in Microsoft Office

Information disclosure vulnerability was found in Microsoft Office. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-38206 CVE list CVE-2024-38206 critical Solution Install necessary updates from the KB section, that are listed in your...

8.5CVSS6.3AI score0.12341EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.4 views

Microsoft Copilot Studio 代码问题漏洞

Microsoft Copilot Studio is an artificial intelligence chatbot from Microsoft Corporation USA. A code issue vulnerability exists in Microsoft Copilot Studio that originates from an authenticated attacker who can bypass server-side request forgery SSRF protections, resulting in the disclosure of...

8.5CVSS6.6AI score0.12341EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.13 views

PT-2024-5726

Name of the Vulnerable Software and Affected Versions Microsoft Copilot Studio affected versions not specified Description The issue is related to insufficient validation of incoming requests, allowing an authenticated attacker to bypass Server-Side Request Forgery SSRF protection and potentially...

8.5CVSS5.8AI score0.12341EPSS
Exploits0References44
The Hacker News
The Hacker News
added 2023/12/05 11:29 a.m.42 views

Generative AI Security: Preventing Microsoft Copilot Data Exposure

Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps — Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft's dream is to take the drudgery out of daily work and let human...

6.8AI score
Exploits0
Rows per page
Query Builder