CVE-2026-26133
Awaiting Analysis
AI Command Injection in M365 Copilot Enables Remote Data Disclosure
Publication date: 2026-03-16
Last updated on: 2026-04-09
Assigner: Microsoft Corporation
Description
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | outlook | * |
| microsoft | 365_copilot | to 16.0.19815.10000 (exc) |
| microsoft | edge | to 145.3800.99 (exc) |
| microsoft | excel | to 16.0.19822.20038 (exc) |
| microsoft | onenote | to 16.0.19725.20142 (exc) |
| microsoft | powerpoint | to 16.0.19822.20038 (exc) |
| microsoft | teams | to 1.0.0.2026043102 (exc) |
| microsoft | word | to 16.0.19822.20038 (exc) |
| microsoft | 365_copilot | to 2.107.2 (exc) |
| microsoft | excel | to 2.106.2 (exc) |
| microsoft | loop | to 2.106 (exc) |
| microsoft | outlook | to 5.2605.0 (exc) |
| microsoft | onenote | * |
| microsoft | power_bi | to 2.2.260210.21290750 (exc) |
| microsoft | powerpoint | to 2.106.2 (exc) |
| microsoft | teams | to 8.3.1 (exc) |
| microsoft | word | to 2.106.2 (exc) |
| microsoft | power_bi | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |