Lucene search
+L

119 matches found

Vulnrichment
Vulnrichment
added 2026/05/22 10:3 p.m.15 views

CVE-2026-42827 M365 Copilot Information Disclosure Vulnerability

...

6.5CVSS5.8AI score0.00503EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.12 views

Microsoft 365 Copilot 命令注入漏洞

Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...

9.3CVSS5.8AI score0.0042EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/21 2:0 p.m.21 views

M365 Copilot Information Disclosure Vulnerability

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00503EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/21 2:0 p.m.22 views

Microsoft Copilot Tampering Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...

9.3CVSS5.8AI score0.0042EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.18 views

PT-2026-42846

Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...

9.4CVSS5.8AI score0.0042EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2026/05/21 12:0 a.m.21 views

KLA91072 Multiple vulnerabilities in Microsoft Apps

Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in M365 Copilot can be exploited remotely to obta...

9.3CVSS6.8AI score0.00503EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.13 views

CVE-2026-41100

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

4.4CVSS5.8AI score0.00249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/13 8:23 p.m.14 views

CVE-2026-41614

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...

6.2CVSS5.8AI score0.00363EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:59 p.m.9 views

CVE-2026-42893

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...

7.4CVSS5.8AI score0.00399EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/12 4:58 p.m.110 views

CVE-2026-41614

CVE-2026-41614 concerns M365 Copilot for Desktop where improper access control enables a local attacker to spoof identities. The available documents identify the affected software (M365 Copilot for Desktop) and the impact as local spoofing due to insufficient access permissions, but do not provid...

6.2CVSS5.8AI score0.00363EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 4:58 p.m.8 views

CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability

...

6.2CVSS5.8AI score0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:58 p.m.49 views

CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability

...

6.2CVSS0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 4:58 p.m.11 views

CVE-2026-41100 Microsoft 365 Copilot for Android Spoofing Vulnerability

...

4.4CVSS5.8AI score0.00249EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:58 p.m.7 views

CVE-2026-41100

Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...

4.4CVSS5.8AI score0.00249EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.46 views

M365 Copilot for Desktop Spoofing Vulnerability

Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...

6.2CVSS5.8AI score0.00363EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

Microsoft M365 Copilot 访问控制错误漏洞

Microsoft M365 Copilot is an AI-driven productivity tool developed by the American company Microsoft. There is a security access control vulnerability in Microsoft M365 Copilot. Attackers exploit this vulnerability to carry out phishing attacks...

4.4CVSS5.8AI score0.00249EPSS
Exploits0References2
NVD
NVD
added 2026/05/07 10:16 p.m.13 views

CVE-2026-26164

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.00799EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.11 views

Microsoft Copilot Chat 命令注入漏洞

Microsoft Copilot Chat is an intelligent dialogue assistant feature integrated into the browser by Microsoft Corporation. Microsoft Copilot Chat has a command injection vulnerability, which stems from improper neutralization of special elements within commands. This vulnerability could allow...

7.5CVSS5.8AI score0.01135EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/25 7:22 a.m.13 views

CVE-2026-33102

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.1AI score0.00398EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 12:31 a.m.9 views

EUVD-2026-25310

Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...

9.3CVSS5.7AI score0.00398EPSS
Exploits0References2
Rows per page
Query Builder