VYPR

365 Copilot Chat

by Microsoft

CVEs (4)

  • CVE-2026-33111HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-26164HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-26129HigMay 7, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-47644MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.01

    Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.