CVE-2026-26137 Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability

1 post » Page 1 of 1

admin Verified: Site Admin; Posts: 22286; Joined: Wed Jun 11, 2025 9:20 pm; Awards

Post by admin Verified » Thu Mar 19, 2026 2:00 pm

Server-side request forgery (ssrf) in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privileges over a network.

Source: https://msrc.microsoft.com/update-guide ... 2026-26137

1 post » Page 1 of 1

Users browsing this forum: No registered users and 1 guest