Microsoft · M365 Copilot · CVE-2026-33102
**Name of the Vulnerable Software and Affected Versions**
Microsoft 365 Copilot (affected versions not specified)
**Description**
An open redirect allows an unauthorized attacker to redirect users to untrusted sites, which can lead to elevation of privilege over a network and risk to user accounts. This issue is under active exploitation.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.