Known Vulnerabilities for Elements For Microsoft 365 by F-secure
Listed below are 3 of the newest known vulnerabilities associated with "Elements For Microsoft 365" by "F-secure".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-48561 json | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthoriz... | Not Provided | 2026-07-14 | 2026-07-15 |
| CVE-2026-47644 json | Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft... | Not Provided | 2026-06-04 | 2026-06-06 |
| CVE-2026-47634 json | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Office ShareP... | Not Provided | 2026-06-09 | 2026-07-08 |
| CVE-2026-47294 json | Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Office SharePoint all... | Not Provided | 2026-06-01 | 2026-06-17 |
| CVE-2026-45497 json | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized... | Not Provided | 2026-06-04 | 2026-06-06 |
| CVE-2026-42895 json | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthoriz... | Not Provided | 2026-06-19 | 2026-06-26 |
| CVE-2026-42838 json | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Edge (Chromiu... | Not Provided | 2026-05-12 | 2026-05-13 |
| CVE-2026-42835 json | Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for And... | Not Provided | 2026-06-09 | 2026-06-10 |
| CVE-2026-41090 json | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthoriz... | Not Provided | 2026-05-22 | 2026-05-27 |
| CVE-2026-33111 json | Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows a... | Not Provided | 2026-05-07 | 2026-05-13 |