AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Microsoft |
|
No data.
No data.
References
History
Mon, 16 Mar 2026 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Microsoft 365 Copilot For Android
Microsoft 365 Copilot For Ios Microsoft edge For Android Microsoft edge For Ios Microsoft excel For Android Microsoft excel For Ios Microsoft loop For Ios Microsoft onenote Microsoft outlook For Android Microsoft outlook For Ios Microsoft outlook For Mac Microsoft powerbi For Android Microsoft powerbi For Ios Microsoft powerpoint For Android Microsoft powerpoint For Ios Microsoft teams For Android Microsoft teams For Ios Microsoft word For Android Microsoft word For Ios |
|
| Vendors & Products |
Microsoft 365 Copilot For Android
Microsoft 365 Copilot For Ios Microsoft edge For Android Microsoft edge For Ios Microsoft excel For Android Microsoft excel For Ios Microsoft loop For Ios Microsoft onenote Microsoft outlook For Android Microsoft outlook For Ios Microsoft outlook For Mac Microsoft powerbi For Android Microsoft powerbi For Ios Microsoft powerpoint For Android Microsoft powerpoint For Ios Microsoft teams For Android Microsoft teams For Ios Microsoft word For Android Microsoft word For Ios |
Fri, 13 Mar 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. | |
| Title | M365 Copilot Information Disclosure Vulnerability | |
| First Time appeared |
Microsoft
Microsoft 365 Copilot Android Microsoft 365 Copilot Ios Microsoft edge Microsoft excel Microsoft loop Microsoft onenote For Android Microsoft onenote For Ios Microsoft outlook Microsoft outlook 2016 Microsoft power Bi Android Microsoft power Bi Ios Microsoft powerpoint Microsoft teams Microsoft word |
|
| CPEs | cpe:2.3:a:microsoft:365_copilot_Android:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:365_copilot_iOS:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:edge:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:edge:*:*:*:*:*:iphone_os:*:* cpe:2.3:a:microsoft:excel:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:excel:*:*:iOS:*:*:*:*:* cpe:2.3:a:microsoft:loop:*:*:iOS:*:*:*:*:* cpe:2.3:a:microsoft:onenote_for_android:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:onenote_for_ios:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:outlook:*:*:*:*:*:iphone_os:*:* cpe:2.3:a:microsoft:outlook:*:*:*:*:*:macos:*:* cpe:2.3:a:microsoft:outlook_2016:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:power_bi_android:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:power_bi_iOS:*:*:*:*:*:*:*:* cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:powerpoint:*:*:iOS:*:*:*:*:* cpe:2.3:a:microsoft:teams:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:teams:*:*:*:*:*:iphone_os:*:* cpe:2.3:a:microsoft:word:*:*:*:*:*:android:*:* cpe:2.3:a:microsoft:word:*:*:iOS:*:*:*:*:* |
|
| Vendors & Products |
Microsoft
Microsoft 365 Copilot Android Microsoft 365 Copilot Ios Microsoft edge Microsoft excel Microsoft loop Microsoft onenote For Android Microsoft onenote For Ios Microsoft outlook Microsoft outlook 2016 Microsoft power Bi Android Microsoft power Bi Ios Microsoft powerpoint Microsoft teams Microsoft word |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: microsoft
Published: 2026-03-13T21:10:13.535Z
Updated: 2026-03-13T22:25:36.382Z
Reserved: 2026-02-11T16:24:51.133Z
Link: CVE-2026-26133
Vulnrichment
No data.
NVD
No data.
Redhat
No data.