Description
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in M365 Copilot can be exploited remotely to obtain sensitive information.
- A tampering vulnerability in Microsoft Copilot can be exploited remotely to spoof user interface.
Original advisories
Exploitation
Related products
CVE list
- CVE-2026-42827 critical
- CVE-2026-41090 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!