Security Advisory

CVE-2026-24299

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-19 21:06:24

Last updated 2026-04-14 16:36:28

Assigner microsoft

State PUBLISHED

Description

Improper neutralization of special elements used in a command (command injection) in M365 Copilot allows an unauthorized attacker to disclose information over a network.

← Browse all CVEs View on cve.org ↗