Aller au contenu
appaloosa scout logo main rounded
HIGH 7.1

CVE-2026-26133

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Apps mobiles affectées

Microsoft Edge
com.microsoft.msedge
1 ouverte
Microsoft Edge
com.microsoft.emmx
1 ouverte
Microsoft Excel
com.microsoft.Office.Excel
1 ouverte
Microsoft Excel
com.microsoft.office.excel
1 ouverte
Microsoft OneNote
com.microsoft.onenote
1 ouverte
Microsoft OneNote
com.microsoft.office.onenote
1 ouverte
Microsoft Outlook
com.microsoft.office.outlook
1 ouverte
Microsoft Outlook
com.microsoft.Office.Outlook
1 ouverte
Microsoft PowerPoint
com.microsoft.Office.PowerPoint
1 ouverte
Microsoft PowerPoint
com.microsoft.office.powerpoint
1 ouverte
Microsoft Teams
com.microsoft.teams
1 ouverte
Microsoft Teams
com.microsoft.skype.teams
1 ouverte
Microsoft Word
com.microsoft.Office.Word
1 ouverte
Microsoft Word
com.microsoft.office.word
1 ouverte

Configurations CPE vulnérables

Vendor Produit Plateforme Versions CPE 2.3 URI
microsoft 365_copilot iOS <2.107.2 cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:iphone_os:*:*
microsoft 365_copilot Android <16.0.19815.10000 cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:android:*:*
microsoft edge Android <145.3800.99 cpe:2.3:a:microsoft:edge:*:*:*:*:*:android:*:*
microsoft edge iOS <145.3800.99 cpe:2.3:a:microsoft:edge:*:*:*:*:*:iphone_os:*:*
microsoft excel iOS <2.106.2 cpe:2.3:a:microsoft:excel:*:*:*:*:*:iphone_os:*:*
microsoft excel Android <16.0.19822.20038 cpe:2.3:a:microsoft:excel:*:*:*:*:*:android:*:*
microsoft loop iOS <2.106 cpe:2.3:a:microsoft:loop:*:*:*:*:*:iphone_os:*:*
microsoft onenote Android <16.0.19725.20142 cpe:2.3:a:microsoft:onenote:*:*:*:*:*:android:*:*
microsoft onenote iOS cpe:2.3:a:microsoft:onenote:-:*:*:*:*:iphone_os:*:*
microsoft outlook Android <5.2605.0 cpe:2.3:a:microsoft:outlook:*:*:*:*:*:android:*:*
microsoft outlook iOS <5.2605.0 cpe:2.3:a:microsoft:outlook:*:*:*:*:*:iphone_os:*:*
microsoft power_bi Android <2.2.260210.21290750 cpe:2.3:a:microsoft:power_bi:*:*:*:*:*:android:*:*
microsoft power_bi iOS cpe:2.3:a:microsoft:power_bi:-:*:*:*:*:iphone_os:*:*
microsoft powerpoint iOS <2.106.2 cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:iphone_os:*:*
microsoft powerpoint Android <16.0.19822.20038 cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:android:*:*
microsoft teams Android <1.0.0.2026043102 cpe:2.3:a:microsoft:teams:*:*:*:*:*:android:*:*
microsoft teams iOS <8.3.1 cpe:2.3:a:microsoft:teams:*:*:*:*:*:iphone_os:*:*
microsoft word iOS <2.106.2 cpe:2.3:a:microsoft:word:*:*:*:*:*:iphone_os:*:*
microsoft word Android <16.0.19822.20038 cpe:2.3:a:microsoft:word:*:*:*:*:*:android:*:*
Voir sur NVD ↗