VYPR
Critical severity9.3NVD Advisory· Published Apr 23, 2026· Updated Apr 29, 2026

CVE-2026-33102

CVE-2026-33102

Description

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.