7 matches found
CVE-2025-53787
CVE-2025-53787 concerns Microsoft 365 Copilot BizChat Information Disclosure Vulnerability. Affected component is Microsoft 365 Copilot BizChat; root cause and specifics vary across sources. Public references list this CVE as enabling information disclosure with high impact to confidentiality, wi...
CVE-2025-53774
CVE-2025-53774 is associated with Microsoft 365 Copilot BizChat Information Disclosure. Connected documents largely reiterate the affected product (BizChat) and vulnerability context, but do not provide explicit technical specifics (affected versions, root cause, exploitation details, or fixes) w...
CVE-2025-59286
CVE-2025-59286 is identified across multiple sources as a Copilot Spoofing/Information Disclosure vulnerability related to Microsoft 365 Copilot Business Chat. The NVD entry describes command-injection related information disclosure, while CNVD/CNNVD and other feeds label it as a Copilot spoofing...
CVE-2026-26129
CVE-2026-26129 affects M365 Copilot. Root cause: improper neutralization of special elements enabling unauthorized information disclosure over a network. CVSS v3.1 base score 7.5 (NETWORK, HIGH confidentiality impact). No explicit exploit status or remediation details provided in the supplied doc...
CVE-2025-59272
CVE-2025-59272 : Affects Microsoft 365 Copilot Business Chat. Described as a spoofing/command-injection vulnerability caused by improper neutralization of special elements in Copilot, enabling an unauthorized attacker to perform local information disclosure. Root cause: improper input handling in...
CVE-2026-26137
CVE-2026-26137 is described as a server-side request forgery (SSRF) that affects Microsoft Exchange (and related Microsoft 365 Copilot/Business Chat contexts in linked sources). The available documents state that an authorized attacker can elevate privileges over a network, with the CVSS 3.1 scor...
CVE-2026-26164
Technical details about CVE-2026-26164 are not publicly available in the provided documents. Monitor for updates for affected products, impact specifics, and remediation guidance.