Microsoft 365 Word Copilot vulnerabilities
2 known vulnerabilities affecting microsoft/microsoft_365_word_copilot.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-59252P2CRITICALCVSS 9.3v-2025-10-09
CVE-2025-59252 [CRITICAL] CWE-77 CVE-2025-59252: Improper neutralization of special elements used in a command ('command injection') in Copilot allow
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2026-21521P3HIGHCVSS 7.4v-2026-01-22
CVE-2026-21521 [HIGH] CWE-150 CVE-2026-21521: Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized atta
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.
nvd