CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Microsoft: >> 365 Word Copilot Security Vulnerabilities

CVE-2026-21521

Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.

CVSS Score

7.4

EPSS Score

0.001

Published

2026-01-22

CVE-2025-59252

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.

CVSS Score

9.3

EPSS Score

0.001

Published

2025-10-09

Page 1

Vulnerabilities

Vulnerable Software

Microsoft: >> 365 Word Copilot Security Vulnerabilities

Products

Pricing

Contact Us