Known Vulnerabilities for 365 Copilot by Microsoft
Listed below are 10 of the newest known vulnerabilities associated with "365 Copilot" by "Microsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-54130 json | Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a n... | Not Provided | 2026-06-18 | 2026-06-22 |
| CVE-2026-50519 json | Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacke... | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-47645 json | Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker ... | Not Provided | 2026-06-19 | 2026-06-22 |
| CVE-2026-47644 json | Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft... | Not Provided | 2026-06-04 | 2026-06-06 |
| CVE-2026-45497 json | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized... | Not Provided | 2026-06-04 | 2026-06-06 |
| CVE-2026-45482 json | Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacke... | Not Provided | 2026-06-09 | 2026-06-19 |
| CVE-2026-45474 json | Not Provided | 2026-06-09 | 2026-06-19 | |
| CVE-2026-45472 json | Not Provided | 2026-06-09 | 2026-06-19 | |
| CVE-2026-45463 json | Not Provided | 2026-06-09 | 2026-06-19 | |
| CVE-2026-45461 json | Not Provided | 2026-06-09 | 2026-06-19 |