PT-2026-55318 · Microsoft · M365 Copilot

Dan Reimer

+2

·

Published

2026-07-02

·

Updated

2026-07-03

·

CVE-2026-41106

CVSS v3.1

9.3

Critical

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions M365 Copilot (affected versions not specified)
Description M365 Copilot contains an open redirect issue, which occurs when an application redirects users to an untrusted external site. This flaw allows an unauthorized attacker to elevate privileges over a network.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-41106

Affected Products

M365 Copilot