Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-21521 | 1 Microsoft | 1 365 Word Copilot | 2026-02-02 | N/A | 7.4 HIGH |
|
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.
|
|||||
| CVE-2025-59252 | 1 Microsoft | 1 365 Word Copilot | 2025-12-11 | N/A | 9.3 CRITICAL |
|
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
|
|||||