Dismissed
(exclusively hosted service)
Permalink
CVE-2026-26136
6.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
Microsoft Copilot Information Disclosure Vulnerability
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to disclose information over a network.
References
- Microsoft Copilot Information Disclosure Vulnerability vendor-advisory patch
Affected products
Microsoft Copilot
- ==-