Copilot Microsoft Copilot

  1. Vendors
  2. Microsoft
  3. Copilot

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Copilot.

Recent Microsoft Copilot Security Advisories

Advisory Title Published
CVE-2026-24299 CVE-2026-24299 M365 Copilot Information Disclosure Vulnerability March 19, 2026
CVE-2026-26136 CVE-2026-26136 Microsoft Copilot Information Disclosure Vulnerability March 19, 2026
CVE-2026-26137 CVE-2026-26137 Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability March 19, 2026
CVE-2026-26133 CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability March 12, 2026
CVE-2026-21256 CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability February 10, 2026
CVE-2026-21257 CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability February 10, 2026
CVE-2026-21516 CVE-2026-21516 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability February 10, 2026
CVE-2026-21523 CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability February 10, 2026
CVE-2026-21518 CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability February 10, 2026
CVE-2026-21521 CVE-2026-21521 Word Copilot Information Disclosure Vulnerability January 22, 2026

By the Year

In 2026 there have been 1 vulnerability in Microsoft Copilot with an average score of 6.5 out of ten.

Year Vulnerabilities Average Score
2026 1 6.50

It may take a day or so for new Copilot vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Copilot Security Vulnerabilities

Mar 2026: Microsoft Copilot Information Disclosure Vulnerability
CVE-2026-26136 6.5 - Medium - March 19, 2026

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to disclose information over a network.

Command Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Copilot or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Copilot
Product

subscribe