Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
AnalysisAI
CVE-2026-26133 is an AI command injection vulnerability in Microsoft 365 Copilot and multiple Microsoft mobile/desktop applications that allows remote attackers to disclose sensitive information through crafted AI prompts. The vulnerability affects numerous Microsoft products across iOS, Android, and macOS platforms, requires user interaction, and has a patch available from Microsoft with no current evidence of active exploitation (not in KEV).
Technical ContextAI
This vulnerability represents a new class of AI-specific security issues - command injection through AI prompts in Microsoft's Copilot integration. The affected products span Microsoft's entire mobile ecosystem including M365 Copilot, Edge, Excel, Word, PowerPoint, OneNote, Outlook, Teams, Loop, and PowerBI across Android, iOS, and macOS platforms. While no CWE is assigned, AI command injection typically involves manipulating AI system prompts to bypass intended restrictions and access unauthorized data. The vulnerability specifically targets the Copilot AI assistant functionality integrated across these applications.
RemediationAI
Microsoft has released patches for all affected products - update to the latest versions specified in the EUVD data. Primary remediation: Apply vendor patches through standard app store update mechanisms for mobile apps or Microsoft Update for desktop applications. Vendor advisory available at: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133. As an interim mitigation, organizations could restrict Copilot functionality or implement additional monitoring for suspicious AI prompt patterns until patching is complete.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12111