Microsoft 365 Copilot S Business Chat vulnerabilities
6 known vulnerabilities affecting microsoft/microsoft_365_copilot_s_business_chat.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH4
Vulnerabilities
Page 1 of 1
CVE-2025-59286P2CRITICALCVSS 9.3v-2025-10-09
CVE-2025-59286 [CRITICAL] CWE-77 CVE-2025-59286: Improper neutralization of special elements used in a command ('command injection') in Copilot allow
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-59272P3CRITICALCVSS 9.3v-2025-10-09
CVE-2025-59272 [CRITICAL] CWE-77 CVE-2025-59272: Improper neutralization of special elements used in a command ('command injection') in Copilot allow
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to perform information disclosure locally.
nvd
CVE-2026-26129P3HIGHCVSS 7.5v-2026-05-07
CVE-2026-26129 [HIGH] CWE-138 CVE-2026-26129: Improper neutralization of special elements used in a command ('command injection') in M365 Copilot
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2026-26164P3HIGHCVSS 7.5v-2026-05-07
CVE-2026-26164 [HIGH] CWE-74 CVE-2026-26164: Improper neutralization of special elements used in a command ('command injection') in M365 Copilot
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-53787P3HIGHCVSS 7.5v-2025-08-07
CVE-2025-53787 [HIGH] CWE-77 CVE-2025-53787: Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
nvd
CVE-2025-53774P3HIGHCVSS 7.5v-2025-08-07
CVE-2025-53774 [HIGH] CWE-77 CVE-2025-53774: Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
nvd