Skip to main content

Microsoft 365 Copilot EUVDEUVD-2026-31513

| CVE-2026-42827 MEDIUM
Command Injection (CWE-77)
2026-05-22 microsoft GHSA-3x26-xpc6-wm74
6.5
CVSS 3.1 · NVD
Temporal: 5.7
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CIRCL (temporal)
5.7 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
May 22, 2026 - 22:50 vuln.today

DescriptionCVE.org

Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.

AnalysisAI

Command injection in Microsoft 365 Copilot exposes sensitive information to unauthenticated remote attackers when a victim user interacts with attacker-controlled content, resulting in High confidentiality impact with no integrity or availability effect. The vulnerability carries a CVSS 6.5 (Medium) score, reflecting network accessibility and low attack complexity offset by a mandatory user interaction requirement. No public exploit code exists at time of analysis, and Microsoft has released an official patch documented via the Microsoft Security Response Center.

Technical ContextAI

The root cause is CWE-77 (Improper Neutralization of Special Elements used in a Command), a command injection class where attacker-influenced input is passed to an underlying command interpreter without adequate sanitization or escaping. Microsoft 365 Copilot (CPE: cpe:2.3:a:microsoft:microsoft_365_copilot:*:*:*:*:*:*:*:*) is an AI-powered assistant deeply integrated into Microsoft 365 services, processing natural language prompts and documents through backend systems. The wildcard version in the CPE indicates no specific version boundary is defined, suggesting all deployed versions prior to the patch are affected. Command injection in AI assistant products typically arises when user-supplied prompts, document content, or API parameters are interpolated into backend command strings - a risk amplified in Copilot's architecture due to its broad data access across Microsoft 365 tenant resources.

RemediationAI

Apply the vendor-released patch as directed by the Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42827. The CVSS temporal metric RL:O confirms an official fix is available, though an exact patched version number is not specified in the available intelligence beyond 'patch available from vendor' - consult the MSRC advisory directly for the precise update reference. While awaiting patch deployment, compensating controls should focus on the UI:R attack gate: implement user awareness training around unsolicited links and documents that interact with Copilot, and restrict Copilot access for high-sensitivity roles or tenants handling regulated data. Additionally, enable Microsoft Purview audit logging to detect anomalous Copilot data access patterns that may indicate exploitation attempts. Note that restricting Copilot access to vetted content sources will reduce functionality and must be weighed against operational needs.

Share

EUVD-2026-31513 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy