CVE-2026-26129
Published 2026-05-07
Priority P3 · 51 · high · 7.5 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 1.14% (62.5th percentile)
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_365_copilot_s_business_chat | — | — |
VulDB
Microsoft 365 Copilots Business Chat special element (EUVD-2026-28445 / WID-SEC-2026-1411)
vuldb·2026-05-24·CVSS 7.5
CVE-2026-26129 [HIGH] Microsoft 365 Copilots Business Chat special element (EUVD-2026-28445 / WID-SEC-2026-1411)
A vulnerability was found in Microsoft 365 Copilots Business Chat. It has been declared as problematic. The impacted element is an unknown function. The manipulation results in improper neutralization of special elements.
This vulnerability is reported as CVE-2026-26129. The attack can be launched remotely. No exploit exists.
This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.
GHSA
GHSA-hpvr-rjcg-4q53: Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network
ghsa_unreviewed·2026-05-08
CVE-2026-26129 [HIGH] CWE-138 GHSA-hpvr-rjcg-4q53: Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network
Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network.
No detection rules found.
No public exploits indexed.
Rapid7
Patch Tuesday - May 2026
blogs_rapid7·2026-05-13·CVSS 10.0
CVE-2026-41089 [CRITICAL] Patch Tuesday - May 2026
Microsoft is publishing 137 vulnerabilities on May 2026 Patch Tuesday. Microsoft is not aware of exploitation in the wild or public disclosure for any of these vulnerabilities. So far this month, Microsoft has provided patches to address 133 browser vulnerabilities, which are not included in the Patch Tuesday count above.
## Windows Netlogon: critical RCE
Anyone responsible for securing a domain controller should prioritize remediation of CVE-2026-41089, which is a critical stack-based buffer overflow in Windows Netlogon with a CVSS v3 base score of 9.8. Exploitation leads to execution in the context of the Netlogon service, so that’s SYSTEM privileges on the domain controller. For most pentesters, that’s the point at which the customer report more or less writes itself. No privileges
Qualys
Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review
blogs_qualys·2026-05-12
CVE-2026-40364 Microsoft and Adobe Patch Tuesday, May 2026 Security Update Review
May 2026’s Patch Tuesday arrives with Microsoft addressing a fresh set of vulnerabilities across its ecosystem, reinforcing the ongoing need for timely patching in an increasingly threat-heavy landscape. Here’s a quick breakdown of what you need to know.
## Microsoft Patch Tuesday for May 2026
This month’s release addresses 137 vulnerabilities, including 30 critical and 103 important-severity vulnerabilities.
In this month’s updates, Microsoft has not addressed any publicly disclosed zero-day vulnerability.
Microsoft has addressed 128
Sans Isc
Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
blogs_sans_isc·2026-05-12·CVSS 4.3
CVE-2026-41103 [MEDIUM] Microsoft May 2026 Patch Tuesday, (Tue, May 12th)
Microsoft May 2026 Patch Tuesday
Published: 2026-05-12. Last Updated: 2026-05-12 18:29:36 UTC
by Johannes Ullrich (Version: 1)
Today's Microsoft patch Tuesday fixes 137 different vulnerabilities. In addition, the update addresses 137 Chromium-related issues affecting Microsoft Edge.
There are no already disclosed or already exploited vulnerabilities included in today's patches. I removed the Chromium issues from the table below and included only the 137 Microsoft issues to make it more readable.
Note that issues related to Microsoft Azure are labeled as "no customer action required."
Significant Vulnerabilities of interest:
CVE-2026-41103: This vulnerability affects the Microsoft SSO Plugin for Jira & Confluence. Exploitation could lead to an elevation of privileges. Wit
Hackernews
⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
blogs_hackernews·2026-05-11·CVSS 9.3
CVE-2026-6973 [CRITICAL] ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
## ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
Rough Monday.
Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should’ve died years ago — the same old holes, same lazy access paths, same “how the hell is this still open” feeling. One report this week basically reads like a guy tripped over root access by accident and decided to stay there.
The weird part is how normal this all sounds now. Fake updates. Quiet backdoors. Remote tools are used like skeleton keys. Forum rats swapping st
Crowdstrike
May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs
blogs_crowdstrike
CVE-2026-20929 May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs
Falcon AIDR Detects Threats at the Prompt Layer in Kubernetes AI Applications May 13, 2026
May 2026 Patch Tuesday: 30 Critical Vulnerabilities Among 130 CVEs May 12, 2026
Inside CrowdStrike Automated Leads: A Transformative Approach to Threat Detections May 11, 2026
CrowdStrike Named a Leader in the First-Ever Gartner® Magic Quadrant™ for Cyberthreat Intelligence Technologies May 06, 2026
Published: 2026-05-07