CVE-2025-59252

Publication date

2025-10-09 21:04:12

Family

microsoft

State

PUBLISHED

Description

Improper neutralization of special elements used in a command (command injection) in Copilot allows an unauthorized attacker to disclose information over a network.