119 matches found
CVE-2026-42827 M365 Copilot Information Disclosure Vulnerability
...
Microsoft 365 Copilot 命令注入漏洞
Microsoft 365 Copilot is a generative AI collaboration assistant integrated into the Microsoft Office suite. Microsoft 365 Copilot has a command injection vulnerability, which stems from improper of special elements during command injections. This vulnerability could allow unauthorized attackers ...
M365 Copilot Information Disclosure Vulnerability
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Microsoft Copilot Tampering Vulnerability
Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...
PT-2026-42846
Name of the Vulnerable Software and Affected Versions Microsoft Copilot affected versions not specified Description Improper neutralization of special elements used in a command, known as command injection, allows an unauthorized attacker to perform tampering over a network. Recommendations At th...
KLA91072 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in M365 Copilot can be exploited remotely to obta...
CVE-2026-41100
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...
CVE-2026-41614
Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...
CVE-2026-42893
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...
CVE-2026-41614
CVE-2026-41614 concerns M365 Copilot for Desktop where improper access control enables a local attacker to spoof identities. The available documents identify the affected software (M365 Copilot for Desktop) and the impact as local spoofing due to insufficient access permissions, but do not provid...
CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability
...
CVE-2026-41614 M365 Copilot for Desktop Spoofing Vulnerability
...
CVE-2026-41100 Microsoft 365 Copilot for Android Spoofing Vulnerability
...
CVE-2026-41100
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally...
M365 Copilot for Desktop Spoofing Vulnerability
Improper access control in M365 Copilot for Desktop allows an unauthorized attacker to perform spoofing locally...
Microsoft M365 Copilot 访问控制错误漏洞
Microsoft M365 Copilot is an AI-driven productivity tool developed by the American company Microsoft. There is a security access control vulnerability in Microsoft M365 Copilot. Attackers exploit this vulnerability to carry out phishing attacks...
CVE-2026-26164
Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...
Microsoft Copilot Chat 命令注入漏洞
Microsoft Copilot Chat is an intelligent dialogue assistant feature integrated into the browser by Microsoft Corporation. Microsoft Copilot Chat has a command injection vulnerability, which stems from improper neutralization of special elements within commands. This vulnerability could allow...
CVE-2026-33102
Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-25310
Url redirection to untrusted site 'open redirect' in M365 Copilot allows an unauthorized attacker to elevate privileges over a network...