Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Dismissed
(exclusively hosted service)
Permalink CVE-2026-26137
8.9 HIGH
  • CVSS version: 3.1
  • Attack vector (AV):
  • Attack complexity (AC):
  • Privileges required (PR):
  • User interaction (UI):
  • Scope (S):
  • Confidentiality impact (C):
  • Integrity impact (I):
  • Availability impact (A):
created 2 days, 6 hours ago
Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability

Server-side request forgery (ssrf) in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privileges over a network.

References

Affected products

Microsoft 365 Copilot's Business Chat
  • ==-