Lucene search
K
Microsoft365 Copilot Chat

7 matches found

CVE
CVE
added 2025/08/07 9:1 p.m.44 views

CVE-2025-53787

CVE-2025-53787 concerns Microsoft 365 Copilot BizChat Information Disclosure Vulnerability. Affected component is Microsoft 365 Copilot BizChat; root cause and specifics vary across sources. Public references list this CVE as enabling information disclosure with high impact to confidentiality, wi...

8.2CVSS6.2AI score0.00641EPSS
CVE
CVE
added 2025/08/07 9:1 p.m.39 views

CVE-2025-53774

CVE-2025-53774 is associated with Microsoft 365 Copilot BizChat Information Disclosure. Connected documents largely reiterate the affected product (BizChat) and vulnerability context, but do not provide explicit technical specifics (affected versions, root cause, exploitation details, or fixes) w...

7.5CVSS6.2AI score0.00548EPSS
CVE
CVE
added 2025/10/09 9:4 p.m.31 views

CVE-2025-59286

CVE-2025-59286 is identified across multiple sources as a Copilot Spoofing/Information Disclosure vulnerability related to Microsoft 365 Copilot Business Chat. The NVD entry describes command-injection related information disclosure, while CNVD/CNNVD and other feeds label it as a Copilot spoofing...

9.3CVSS8.6AI score0.00533EPSS
CVE
CVE
added 2026/05/07 8:58 p.m.31 views

CVE-2026-26129

CVE-2026-26129 affects M365 Copilot. Root cause: improper neutralization of special elements enabling unauthorized information disclosure over a network. CVSS v3.1 base score 7.5 (NETWORK, HIGH confidentiality impact). No explicit exploit status or remediation details provided in the supplied doc...

7.5CVSS5.8AI score0.01135EPSS
CVE
CVE
added 2025/10/09 9:4 p.m.22 views

CVE-2025-59272

CVE-2025-59272 : Affects Microsoft 365 Copilot Business Chat. Described as a spoofing/command-injection vulnerability caused by improper neutralization of special elements in Copilot, enabling an unauthorized attacker to perform local information disclosure. Root cause: improper input handling in...

9.3CVSS8.5AI score0.00529EPSS
CVE
CVE
added 2026/03/19 9:6 p.m.17 views

CVE-2026-26137

CVE-2026-26137 is described as a server-side request forgery (SSRF) that affects Microsoft Exchange (and related Microsoft 365 Copilot/Business Chat contexts in linked sources). The available documents state that an authorized attacker can elevate privileges over a network, with the CVSS 3.1 scor...

9.9CVSS5.9AI score0.00539EPSS
CVE
CVE
added 2026/05/07 8:58 p.m.16 views

CVE-2026-26164

Technical details about CVE-2026-26164 are not publicly available in the provided documents. Monitor for updates for affected products, impact specifics, and remediation guidance.

7.5CVSS5.8AI score0.00799EPSS