Microsoft: >> 365 Copilot Security Vulnerabilities
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-03-19
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-03-16
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVSS Score
9.3
EPSS Score
0.001
Published
2026-01-22
Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVSS Score
9.3
EPSS Score
0.099
Published
2025-06-11
Microsoft Office app Remote Code Execution Vulnerability
CVSS Score
9.6
EPSS Score
0.004
Published
2021-12-15