Microsoft 365 Word Copilot
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft 365 Word Copilot.
By the Year
In 2026 there have been 1 vulnerability in Microsoft 365 Word Copilot with an average score of 7.4 out of ten. Last year, in 2025 365 Word Copilot had 1 security vulnerability published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in 365 Word Copilot in 2026 could surpass last years number. Last year, the average CVE base score was greater by 1.90
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 7.40 |
| 2025 | 1 | 9.30 |
It may take a day or so for new 365 Word Copilot vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft 365 Word Copilot Security Vulnerabilities
Jan 2026: Word Copilot Information Disclosure Vulnerability
CVE-2026-21521
7.4 - High
- January 22, 2026
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized attacker to disclose information over a network.
Improper Neutralization of Escape, Meta, or Control Sequences
Oct 2025: M365 Copilot Information Disclosure Vulnerability
CVE-2025-59252
9.3 - Critical
- October 09, 2025
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to disclose information over a network.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft 365 Word Copilot or by Microsoft? Click the Watch button to subscribe.
