Jun 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-54130 Published on June 18, 2026

M365 Copilot Information Disclosure Vulnerability
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Vendor Advisory NVD

Weakness Type

Missing Authentication for Critical Function

The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Products Associated with CVE-2026-54130

Want to know whenever a new CVE is published for Microsoft 365 Copilot? stack.watch will email you.

Microsoft 365 Copilot

Affected Versions

Microsoft 365 Copilot Version - is affected by CVE-2026-54130

Jun 2026: M365 Copilot Information Disclosure VulnerabilityCVE-2026-54130 Published on June 18, 2026

Weakness Type

Missing Authentication for Critical Function

Products Associated with CVE-2026-54130

Affected Versions

Jun 2026: M365 Copilot Information Disclosure Vulnerability
CVE-2026-54130 Published on June 18, 2026