Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-26137 | 1 Microsoft | 1 365 Copilot Chat | 2026-03-27 | N/A | 9.9 CRITICAL |
| Server-side request forgery (ssrf) in Microsoft Exchange allows an authorized attacker to elevate privileges over a network. | |||||
| CVE-2025-59286 | 1 Microsoft | 1 365 Copilot Chat | 2025-12-11 | N/A | 9.3 CRITICAL |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network. | |||||
| CVE-2025-59272 | 1 Microsoft | 1 365 Copilot Chat | 2025-12-11 | N/A | 9.3 CRITICAL |
| Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally. | |||||
| CVE-2025-53787 | 1 Microsoft | 1 365 Copilot Chat | 2025-08-14 | N/A | 8.2 HIGH |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | |||||
| CVE-2025-53774 | 1 Microsoft | 1 365 Copilot Chat | 2025-08-14 | N/A | 6.5 MEDIUM |
| Microsoft 365 Copilot BizChat Information Disclosure Vulnerability | |||||