Vulnerability-Lookup

CVE-2026-26133 (GCVE-0-2026-26133)

Vulnerability from cvelistv5 – Published: 2026-03-13 21:10 – Updated: 2026-03-16 14:24

Title

M365 Copilot Information Disclosure Vulnerability

Summary

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C

CWE

Information Disclosure

Assigner

microsoft

References

URL

Tags

https://msrc.microsoft.com/update-guide/vulnerabi…

vendor-advisorypatch

Impacted products

Vendor

Product

Version

Microsoft

Microsoft 365 Copilot for Android

Affected: 1.0 , < 16.0.19815.10000 (custom)

Microsoft	Microsoft 365 Copilot for iOS	Affected: 1.0 , < 2.107.2 (custom)
Microsoft	Microsoft Edge for Android	Affected: 1.0.0 , < 145.3800.99 (custom)
Microsoft	Microsoft Edge for iOS	Affected: 1.0.0.0 , < 145.3800.99 (custom)
Microsoft	Microsoft Excel for Android	Affected: 16.0.0.0 , < 16.0.19822.20038 (custom)
Microsoft	Microsoft Excel for iOS	Affected: 1.0 , < 2.106.26020617 (custom)
Microsoft	Microsoft Loop for iOS	Affected: 2.0.0 , < 2.106.26020617 (custom)
Microsoft	Microsoft OneNote	Affected: 1.0.0 , < 2.106.26020617 (custom)
Microsoft	Microsoft OneNote for Android	Affected: 16.0.1 , < 16.0.19725.20142 (custom)
Microsoft	Microsoft Outlook for Android	Affected: 1.0 , < 5.2605 (custom)
Microsoft	Microsoft Outlook for iOS	Affected: 1.0.0 , < 5.2605 (custom)
Microsoft	Microsoft Outlook for Mac	Affected: 1.0.0 , < 5.2605 (custom)
Microsoft	Microsoft PowerBI for Android	Affected: 2.0.0 , < 2.2.260210.21290750 (custom)
Microsoft	Microsoft PowerBI for iOS	Affected: 1.0.0 , < 1.2.260302.2193910 (custom)
Microsoft	Microsoft PowerPoint for Android	Affected: 16.0.0.0 , < 16.0.19822.20038 (custom)
Microsoft	Microsoft PowerPoint for iOS	Affected: 1.0 , < 2.106.26020617 (custom)
Microsoft	Microsoft Teams for Android	Affected: 1.0.0 , < 1.0.0.2026043102 (custom)
Microsoft	Microsoft Teams for iOS	Affected: 2.0.0 , < 8.3.1 (custom)
Microsoft	Microsoft Word for Android	Affected: 16.0.0.0 , < 16.0.19822.20038 (custom)
Microsoft	Microsoft Word for iOS	Affected: 2.0.0 , < 2.106.26020617 (custom)

Date Public ?

2026-03-12 14:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26133",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-16T14:24:19.473896Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-16T14:24:30.194Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft 365 Copilot for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.19815.10000",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft 365 Copilot for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.107.2",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Edge for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "145.3800.99",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Edge for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "145.3800.99",
              "status": "affected",
              "version": "1.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Excel for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.19822.20038",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Excel for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.106.26020617",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Loop for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.106.26020617",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft OneNote",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.106.26020617",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft OneNote for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.19725.20142",
              "status": "affected",
              "version": "16.0.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Outlook for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.2605",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Outlook for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.2605",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Outlook for Mac",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "5.2605",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft PowerBI for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.2.260210.21290750",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft PowerBI for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.2.260302.2193910",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft PowerPoint for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.19822.20038",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft PowerPoint for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.106.26020617",
              "status": "affected",
              "version": "1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Teams for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "1.0.0.2026043102",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Teams for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "8.3.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Word for Android",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "16.0.19822.20038",
              "status": "affected",
              "version": "16.0.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Microsoft Word for iOS",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "2.106.26020617",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:onenote_for_ios:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.106.26020617",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:outlook:*:*:*:*:*:macos:*:*",
                  "versionEndExcluding": "5.2605",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:outlook_2016:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "5.2605",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:365_copilot_iOS:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.107.2",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "145.3800.99",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:teams:*:*:*:*:*:iphone_os:*:*",
                  "versionEndExcluding": "8.3.1",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:teams:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "1.0.0.2026043102",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:excel:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "16.0.19822.20038",
                  "versionStartIncluding": "16.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:word:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "16.0.19822.20038",
                  "versionStartIncluding": "16.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:iOS:*:*:*:*:*",
                  "versionEndExcluding": "2.106.26020617",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:word:*:*:iOS:*:*:*:*:*",
                  "versionEndExcluding": "2.106.26020617",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:loop:*:*:iOS:*:*:*:*:*",
                  "versionEndExcluding": "2.106.26020617",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:outlook:*:*:*:*:*:iphone_os:*:*",
                  "versionEndExcluding": "5.2605",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:365_copilot_Android:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "16.0.19815.10000",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:power_bi_android:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.2.260210.21290750",
                  "versionStartIncluding": "2.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:power_bi_iOS:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "1.2.260302.2193910",
                  "versionStartIncluding": "1.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:onenote_for_android:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "16.0.19725.20142",
                  "versionStartIncluding": "16.0.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:edge:*:*:*:*:*:iphone_os:*:*",
                  "versionEndExcluding": "145.3800.99",
                  "versionStartIncluding": "1.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:android:*:*",
                  "versionEndExcluding": "16.0.19822.20038",
                  "versionStartIncluding": "16.0.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:a:microsoft:excel:*:*:iOS:*:*:*:*:*",
                  "versionEndExcluding": "2.106.26020617",
                  "versionStartIncluding": "1.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-03-12T14:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en-US",
              "type": "Impact"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-13T22:25:36.382Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "M365 Copilot Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
        }
      ],
      "title": "M365 Copilot Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-26133",
    "datePublished": "2026-03-13T21:10:13.535Z",
    "dateReserved": "2026-02-11T16:24:51.133Z",
    "dateUpdated": "2026-03-16T14:24:30.194Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-26133\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2026-03-16T14:18:26.337\",\"lastModified\":\"2026-03-16T14:53:07.390\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secure@microsoft.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}]},\"references\":[{\"url\":\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133\",\"source\":\"secure@microsoft.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-26133\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-16T14:24:19.473896Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-16T14:24:27.333Z\"}}], \"cna\": {\"title\": \"M365 Copilot Information Disclosure Vulnerability\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C\"}, \"scenarios\": [{\"lang\": \"en-US\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Microsoft\", \"product\": \"Microsoft 365 Copilot for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"16.0.19815.10000\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft 365 Copilot for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"2.107.2\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Edge for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"145.3800.99\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Edge for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0.0\", \"lessThan\": \"145.3800.99\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Excel for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0.0\", \"lessThan\": \"16.0.19822.20038\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Excel for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"2.106.26020617\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Loop for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"2.106.26020617\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft OneNote\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"2.106.26020617\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft OneNote for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.1\", \"lessThan\": \"16.0.19725.20142\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Outlook for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"5.2605\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Outlook for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"5.2605\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Outlook for Mac\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"5.2605\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft PowerBI for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"2.2.260210.21290750\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft PowerBI for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"1.2.260302.2193910\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft PowerPoint for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0.0\", \"lessThan\": \"16.0.19822.20038\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft PowerPoint for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"2.106.26020617\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Teams for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.0\", \"lessThan\": \"1.0.0.2026043102\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Teams for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"8.3.1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Word for Android\", \"versions\": [{\"status\": \"affected\", \"version\": \"16.0.0.0\", \"lessThan\": \"16.0.19822.20038\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Microsoft\", \"product\": \"Microsoft Word for iOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"lessThan\": \"2.106.26020617\", \"versionType\": \"custom\"}]}], \"datePublic\": \"2026-03-12T14:00:00.000Z\", \"references\": [{\"url\": \"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133\", \"name\": \"M365 Copilot Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"Impact\", \"description\": \"Information Disclosure\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:microsoft:onenote_for_ios:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.106.26020617\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:outlook:*:*:*:*:*:macos:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.2605\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:outlook_2016:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.2605\", \"versionStartIncluding\": \"1.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:365_copilot_iOS:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.107.2\", \"versionStartIncluding\": \"1.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:edge:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"145.3800.99\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:teams:*:*:*:*:*:iphone_os:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"8.3.1\", \"versionStartIncluding\": \"2.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:teams:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"1.0.0.2026043102\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:excel:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.19822.20038\", \"versionStartIncluding\": \"16.0.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:word:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.19822.20038\", \"versionStartIncluding\": \"16.0.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:powerpoint:*:*:iOS:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.106.26020617\", \"versionStartIncluding\": \"1.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:word:*:*:iOS:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.106.26020617\", \"versionStartIncluding\": \"2.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:loop:*:*:iOS:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.106.26020617\", \"versionStartIncluding\": \"2.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:outlook:*:*:*:*:*:iphone_os:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.2605\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:365_copilot_Android:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.19815.10000\", \"versionStartIncluding\": \"1.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:power_bi_android:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.2.260210.21290750\", \"versionStartIncluding\": \"2.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:power_bi_iOS:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"1.2.260302.2193910\", \"versionStartIncluding\": \"1.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:onenote_for_android:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.19725.20142\", \"versionStartIncluding\": \"16.0.1\"}, {\"criteria\": \"cpe:2.3:a:microsoft:edge:*:*:*:*:*:iphone_os:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"145.3800.99\", \"versionStartIncluding\": \"1.0.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:android:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"16.0.19822.20038\", \"versionStartIncluding\": \"16.0.0.0\"}, {\"criteria\": \"cpe:2.3:a:microsoft:excel:*:*:iOS:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.106.26020617\", \"versionStartIncluding\": \"1.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2026-03-13T22:25:36.382Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-26133\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-16T14:24:30.194Z\", \"dateReserved\": \"2026-02-11T16:24:51.133Z\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2026-03-13T21:10:13.535Z\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0294

Vulnerability from certfr_avis - Published: 2026-03-13 - Updated: 2026-03-13

Une vulnérabilité a été découverte dans Microsoft Office. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft Excel pour Android versions antérieures à 16.0.19822.20038
Microsoft	N/A	Microsoft PowerPoint pour Android versions antérieures à 16.0.19822.20038
Microsoft	N/A	Microsoft PowerPoint pour iOS versions antérieures à 2.106.26020617
Microsoft	N/A	Microsoft Outlook pour Mac versions antérieures à 5.2605
Microsoft	N/A	Microsoft Word pour iOS versions antérieures à 2.106.26020617
Microsoft	N/A	Microsoft OneNote pour Android versions antérieures à 16.0.19725.20142
Microsoft	N/A	Microsoft Excel pour iOS versions antérieures à 2.106.26020617
Microsoft	N/A	Microsoft Outlook pour Android versions antérieures à 5.2605
Microsoft	N/A	Microsoft 365 Copilot pour Android versions antérieures à 16.0.19815.10000
Microsoft	N/A	Microsoft 365 Copilot pour iOS versions antérieures à 2.107.2
Microsoft	N/A	Microsoft Word pour Android versions antérieures à 16.0.19822.20038
Microsoft	N/A	Microsoft OneNote pour iOS versions antérieures à 2.106.26020617
Microsoft	N/A	Microsoft Outlook pour iOS versions antérieures à 5.2605

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Office CVE-2026-26133

2026-03-12

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Excel pour Android versions ant\u00e9rieures \u00e0 16.0.19822.20038",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft PowerPoint pour Android versions ant\u00e9rieures \u00e0 16.0.19822.20038",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft PowerPoint pour iOS versions ant\u00e9rieures \u00e0 2.106.26020617",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook pour Mac versions ant\u00e9rieures \u00e0 5.2605",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Word pour iOS versions ant\u00e9rieures \u00e0 2.106.26020617",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft OneNote pour Android versions ant\u00e9rieures \u00e0 16.0.19725.20142",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Excel pour iOS versions ant\u00e9rieures \u00e0 2.106.26020617",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook pour Android versions ant\u00e9rieures \u00e0 5.2605",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Copilot pour Android versions ant\u00e9rieures \u00e0 16.0.19815.10000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft 365 Copilot pour iOS versions ant\u00e9rieures \u00e0 2.107.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Word pour Android versions ant\u00e9rieures \u00e0 16.0.19822.20038",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft OneNote pour iOS versions ant\u00e9rieures \u00e0 2.106.26020617",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook pour iOS versions ant\u00e9rieures \u00e0 5.2605",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-26133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26133"
    }
  ],
  "initial_release_date": "2026-03-13T00:00:00",
  "last_revision_date": "2026-03-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0294",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Microsoft Office. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Office",
  "vendor_advisories": [
    {
      "published_at": "2026-03-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Office CVE-2026-26133",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
    }
  ]
}

CERTFR-2026-AVI-0293

Vulnerability from certfr_avis - Published: 2026-03-13 - Updated: 2026-03-13

Une vulnérabilité a été découverte dans Microsoft Edge. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Edge pour Android versions antérieures à 145.3800.99
	Microsoft	N/A	Microsoft Edge pour iOS versions antérieures à 145.3800.99

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2026-26133

2026-03-12

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge pour Android versions ant\u00e9rieures \u00e0 145.3800.99",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Edge pour iOS versions ant\u00e9rieures \u00e0 145.3800.99",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-26133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26133"
    }
  ],
  "initial_release_date": "2026-03-13T00:00:00",
  "last_revision_date": "2026-03-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0293",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Microsoft Edge. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Vuln\u00e9rabilit\u00e9 dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2026-03-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-26133",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
    }
  ]
}

CERTFR-2026-AVI-0295

Vulnerability from certfr_avis - Published: 2026-03-13 - Updated: 2026-03-13

Une vulnérabilité a été découverte dans les produits Microsoft. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	N/A	Microsoft PowerBI pour iOS versions antérieures à 1.2.260302.2193910
Microsoft	N/A	Microsoft Teams pour Android versions antérieures à 1.0.0.2026043102
Microsoft	N/A	Microsoft Loop pour iOS versions antérieures à 2.106.26020617
Microsoft	N/A	Microsoft Teams pour iOS versions antérieures à 8.3.1
Microsoft	N/A	Microsoft PowerBI pour Android versions antérieures à 2.2.260210.21290750

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-26133

2026-03-12

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft PowerBI pour iOS versions ant\u00e9rieures \u00e0 1.2.260302.2193910",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Teams pour Android versions ant\u00e9rieures \u00e0 1.0.0.2026043102",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Loop pour iOS versions ant\u00e9rieures \u00e0 2.106.26020617",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Teams pour iOS versions ant\u00e9rieures \u00e0 8.3.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft PowerBI pour Android versions ant\u00e9rieures \u00e0 2.2.260210.21290750",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-26133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-26133"
    }
  ],
  "initial_release_date": "2026-03-13T00:00:00",
  "last_revision_date": "2026-03-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0295",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Microsoft. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-03-12",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-26133",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
    }
  ]
}

FKIE_CVE-2026-26133

Vulnerability from fkie_nvd - Published: 2026-03-16 14:18 - Updated: 2026-03-16 14:53

Severity ?

7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Summary

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

References

	URL	Tags
	secure@microsoft.com	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network."
    }
  ],
  "id": "CVE-2026-26133",
  "lastModified": "2026-03-16T14:53:07.390",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "secure@microsoft.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-03-16T14:18:26.337",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Awaiting Analysis"
}

GHSA-RJF5-CXRF-4RVW

Vulnerability from github – Published: 2026-03-16 15:30 – Updated: 2026-03-16 15:30

Details

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Severity ?

7.1 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-26133"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-03-16T14:18:26Z",
    "severity": "HIGH"
  },
  "details": "AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.",
  "id": "GHSA-rjf5-cxrf-4rvw",
  "modified": "2026-03-16T15:30:42Z",
  "published": "2026-03-16T15:30:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26133"
    },
    {
      "type": "WEB",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

MSRC_CVE-2026-26133

Vulnerability from csaf_microsoft - Published: 2026-03-10 07:00 - Updated: 2026-03-12 07:00

Summary

M365 Copilot Information Disclosure Vulnerability

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

Customer Action

Required. The vulnerability documented by this CVE requires customer action to resolve.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Andi Ahmeti (https://www.linkedin.com/in/andi-ahmeti/) with Permiso Security https://permiso.io/"
        ]
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.microsoft.com/en-us/msrc/security-update-severity-rating-system",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      },
      {
        "category": "general",
        "text": "Required. The vulnerability documented by this CVE requires customer action to resolve.",
        "title": "Customer Action"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability - HTML",
        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
      },
      {
        "category": "self",
        "summary": "CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability - CSAF",
        "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-26133.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Exploitability Index",
        "url": "https://www.microsoft.com/en-us/msrc/exploitability-index?rtc=1"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "M365 Copilot Information Disclosure Vulnerability",
    "tracking": {
      "current_release_date": "2026-03-12T07:00:00.000Z",
      "generator": {
        "date": "2026-03-12T12:59:05.133Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-26133",
      "initial_release_date": "2026-03-10T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-03-12T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.106.26020617",
            "product": {
              "name": "Microsoft OneNote for iOS \u003c2.106.26020617",
              "product_id": "9"
            }
          },
          {
            "category": "product_version",
            "name": "2.106.26020617",
            "product": {
              "name": "Microsoft OneNote for iOS 2.106.26020617",
              "product_id": "12520"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft OneNote for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.2605",
            "product": {
              "name": "Microsoft Outlook for Mac \u003c5.2605",
              "product_id": "10"
            }
          },
          {
            "category": "product_version",
            "name": "5.2605",
            "product": {
              "name": "Microsoft Outlook for Mac 5.2605",
              "product_id": "12466"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Outlook for Mac"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.2605",
            "product": {
              "name": "Microsoft Outlook for Android \u003c5.2605",
              "product_id": "20"
            }
          },
          {
            "category": "product_version",
            "name": "5.2605",
            "product": {
              "name": "Microsoft Outlook for Android 5.2605",
              "product_id": "10685"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Outlook for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.107.2",
            "product": {
              "name": "Microsoft 365 Copilot for iOS \u003c2.107.2",
              "product_id": "8"
            }
          },
          {
            "category": "product_version",
            "name": "2.107.2",
            "product": {
              "name": "Microsoft 365 Copilot for iOS 2.107.2",
              "product_id": "21043"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft 365 Copilot for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c145.3800.99",
            "product": {
              "name": "Microsoft Edge for Android \u003c145.3800.99",
              "product_id": "17"
            }
          },
          {
            "category": "product_version",
            "name": "145.3800.99",
            "product": {
              "name": "Microsoft Edge for Android 145.3800.99",
              "product_id": "11815"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Edge for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c8.3.1",
            "product": {
              "name": "Microsoft Teams for iOS \u003c8.3.1",
              "product_id": "16"
            }
          },
          {
            "category": "product_version",
            "name": "8.3.1",
            "product": {
              "name": "Microsoft Teams for iOS 8.3.1",
              "product_id": "11858"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Teams for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c1.0.0.2026043102",
            "product": {
              "name": "Microsoft Teams for Android \u003c1.0.0.2026043102",
              "product_id": "14"
            }
          },
          {
            "category": "product_version",
            "name": "1.0.0.2026043102",
            "product": {
              "name": "Microsoft Teams for Android 1.0.0.2026043102",
              "product_id": "12007"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Teams for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.19822.20038",
            "product": {
              "name": "Microsoft Excel for Android \u003c16.0.19822.20038",
              "product_id": "13"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.19822.20038",
            "product": {
              "name": "Microsoft Excel for Android 16.0.19822.20038",
              "product_id": "12031"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Excel for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.19822.20038",
            "product": {
              "name": "Microsoft Word for Android \u003c16.0.19822.20038",
              "product_id": "18"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.19822.20038",
            "product": {
              "name": "Microsoft Word for Android 16.0.19822.20038",
              "product_id": "11772"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Word for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.106.26020617",
            "product": {
              "name": "Microsoft PowerPoint for iOS \u003c2.106.26020617",
              "product_id": "3"
            }
          },
          {
            "category": "product_version",
            "name": "2.106.26020617",
            "product": {
              "name": "Microsoft PowerPoint for iOS 2.106.26020617",
              "product_id": "21048"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft PowerPoint for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.106.26020617",
            "product": {
              "name": "Microsoft Word for iOS \u003c2.106.26020617",
              "product_id": "2"
            }
          },
          {
            "category": "product_version",
            "name": "2.106.26020617",
            "product": {
              "name": "Microsoft Word for iOS 2.106.26020617",
              "product_id": "21049"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Word for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.106.26020617",
            "product": {
              "name": "Microsoft Loop for iOS \u003c2.106.26020617",
              "product_id": "1"
            }
          },
          {
            "category": "product_version",
            "name": "2.106.26020617",
            "product": {
              "name": "Microsoft Loop for iOS 2.106.26020617",
              "product_id": "21050"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Loop for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c5.2605",
            "product": {
              "name": "Microsoft Outlook for iOS \u003c5.2605",
              "product_id": "19"
            }
          },
          {
            "category": "product_version",
            "name": "5.2605",
            "product": {
              "name": "Microsoft Outlook for iOS 5.2605",
              "product_id": "11685"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Outlook for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.19815.10000",
            "product": {
              "name": "Microsoft 365 Copilot for Android \u003c16.0.19815.10000",
              "product_id": "7"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.19815.10000",
            "product": {
              "name": "Microsoft 365 Copilot for Android 16.0.19815.10000",
              "product_id": "21044"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft 365 Copilot for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.2.260210.21290750",
            "product": {
              "name": "Microsoft PowerBI for Android \u003c2.2.260210.21290750",
              "product_id": "6"
            }
          },
          {
            "category": "product_version",
            "name": "2.2.260210.21290750",
            "product": {
              "name": "Microsoft PowerBI for Android 2.2.260210.21290750",
              "product_id": "21045"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft PowerBI for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c1.2.260302.2193910",
            "product": {
              "name": "Microsoft PowerBI for iOS \u003c1.2.260302.2193910",
              "product_id": "5"
            }
          },
          {
            "category": "product_version",
            "name": "1.2.260302.2193910",
            "product": {
              "name": "Microsoft PowerBI for iOS 1.2.260302.2193910",
              "product_id": "21046"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft PowerBI for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.19725.20142",
            "product": {
              "name": "Microsoft OneNote for Android \u003c16.0.19725.20142",
              "product_id": "11"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.19725.20142",
            "product": {
              "name": "Microsoft OneNote for Android 16.0.19725.20142",
              "product_id": "12153"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft OneNote for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c145.3800.99",
            "product": {
              "name": "Microsoft Edge for iOS \u003c145.3800.99",
              "product_id": "15"
            }
          },
          {
            "category": "product_version",
            "name": "145.3800.99",
            "product": {
              "name": "Microsoft Edge for iOS 145.3800.99",
              "product_id": "11966"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Edge for iOS"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c16.0.19822.20038",
            "product": {
              "name": "Microsoft PowerPoint for Android \u003c16.0.19822.20038",
              "product_id": "12"
            }
          },
          {
            "category": "product_version",
            "name": "16.0.19822.20038",
            "product": {
              "name": "Microsoft PowerPoint for Android 16.0.19822.20038",
              "product_id": "12032"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft PowerPoint for Android"
      },
      {
        "branches": [
          {
            "category": "product_version_range",
            "name": "\u003c2.106.26020617",
            "product": {
              "name": "Microsoft Excel for iOS \u003c2.106.26020617",
              "product_id": "4"
            }
          },
          {
            "category": "product_version",
            "name": "2.106.26020617",
            "product": {
              "name": "Microsoft Excel for iOS 2.106.26020617",
              "product_id": "21047"
            }
          }
        ],
        "category": "product_name",
        "name": "Microsoft Excel for iOS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-26133",
      "notes": [
        {
          "category": "general",
          "text": "Microsoft",
          "title": "Assigning CNA"
        },
        {
          "category": "faq",
          "text": "An attacker who successfully exploited this vulnerability could use malicious email to cause Copilot to present authoritative\u2011looking phishing messages that prompt the user to click links leading to data exfiltration or navigation to a malicious site.",
          "title": "According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). Why does the CVE title indicate that this is information disclosure?"
        },
        {
          "category": "faq",
          "text": "An attacker who successfully exploited this vulnerability could potentially view sensitive information (confidentiality) or make limited changes to disclosed information (integrity); however, it is unlikely that both would be impacted simultaneously, and the attacker would not be able to affect availability.",
          "title": "According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?"
        }
      ],
      "product_status": {
        "fixed": [
          "10685",
          "11685",
          "11772",
          "11815",
          "11858",
          "11966",
          "12007",
          "12031",
          "12032",
          "12153",
          "12466",
          "12520",
          "21043",
          "21044",
          "21045",
          "21046",
          "21047",
          "21048",
          "21049",
          "21050"
        ],
        "known_affected": [
          "1",
          "2",
          "3",
          "4",
          "5",
          "6",
          "7",
          "8",
          "9",
          "10",
          "11",
          "12",
          "13",
          "14",
          "15",
          "16",
          "17",
          "18",
          "19",
          "20"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability - HTML",
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26133"
        },
        {
          "category": "self",
          "summary": "CVE-2026-26133 M365 Copilot Information Disclosure Vulnerability - CSAF",
          "url": "https://msrc.microsoft.com/csaf/advisories/2026/msrc_cve-2026-26133.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.106.26020617:Security Update:https://apps.apple.com/us/app/microsoft-onenote/id410395246?platform=mac",
          "product_ids": [
            "9"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-onenote/id410395246?platform=mac"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "5.2605:Security Update:https://go.microsoft.com/fwlink/p/?linkid=831049",
          "product_ids": [
            "10"
          ],
          "url": "https://go.microsoft.com/fwlink/p/?linkid=831049"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "5.2605:Security Update:https://learn.microsoft.com/en-us/officeupdates/release-notes-outlook-mobile",
          "product_ids": [
            "20"
          ],
          "url": "https://learn.microsoft.com/en-us/officeupdates/release-notes-outlook-mobile"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.107.2:Security Update:https://apps.apple.com/us/app/microsoft-365-copilot/id541164041",
          "product_ids": [
            "8"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-365-copilot/id541164041"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "145.3800.99:Security Update:https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security",
          "product_ids": [
            "17",
            "15"
          ],
          "url": "https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "8.3.1:Security Update:https://apps.apple.com/us/app/microsoft-teams/id1113153706",
          "product_ids": [
            "16"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-teams/id1113153706"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "1.0.0.2026043102:Security Update:https://play.google.com/store/apps/details?id=com.microsoft.teams",
          "product_ids": [
            "14"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.microsoft.teams"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "16.0.19822.20038:Security Update:https://play.google.com/store/apps/details?id=com.microsoft.office.excel\u0026hl=en_US",
          "product_ids": [
            "13"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.microsoft.office.excel\u0026hl=en_US"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "16.0.19822.20038:Security Update:https://play.google.com/store/apps/details?id=com.microsoft.office.word\u0026hl=en_US",
          "product_ids": [
            "18"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.microsoft.office.word\u0026hl=en_US"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.106.26020617:Security Update:https://apps.apple.com/us/app/microsoft-powerpoint/id586449534?platform=mac",
          "product_ids": [
            "3"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-powerpoint/id586449534?platform=mac"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.106.26020617:Security Update:https://apps.apple.com/us/app/microsoft-word/id462054704?mt=12",
          "product_ids": [
            "2"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-word/id462054704?mt=12"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.106.26020617:Security Update:https://apps.apple.com/us/app/microsoft-loop/id1637682491",
          "product_ids": [
            "1"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-loop/id1637682491"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "5.2605:Security Update:https://apps.apple.com/ca/app/microsoft-outlook/id951937596",
          "product_ids": [
            "19"
          ],
          "url": "https://apps.apple.com/ca/app/microsoft-outlook/id951937596"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "16.0.19815.10000:Security Update:https://play.google.com/store/search?q=copilot+365\u0026c=apps",
          "product_ids": [
            "7"
          ],
          "url": "https://play.google.com/store/search?q=copilot+365\u0026c=apps"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.2.260210.21290750:Security Update:https://play.google.com/store/search?q=powerbi\u0026c=apps",
          "product_ids": [
            "6"
          ],
          "url": "https://play.google.com/store/search?q=powerbi\u0026c=apps"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "1.2.260302.2193910:Security Update:https://apps.apple.com/us/app/microsoft-power-bi/id929738808",
          "product_ids": [
            "5"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-power-bi/id929738808"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "16.0.19725.20142:Security Update:https://play.google.com/store/apps/details?id=com.microsoft.office.onenote",
          "product_ids": [
            "11"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.microsoft.office.onenote"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "16.0.19822.20038:Security Update:https://play.google.com/store/apps/details?id=com.microsoft.office.powerpoint\u0026hl=en_US",
          "product_ids": [
            "12"
          ],
          "url": "https://play.google.com/store/apps/details?id=com.microsoft.office.powerpoint\u0026hl=en_US"
        },
        {
          "category": "vendor_fix",
          "date": "2026-03-12T07:00:00.000Z",
          "details": "2.106.26020617:Security Update:https://apps.apple.com/us/app/microsoft-excel/id586683407?platform=mac",
          "product_ids": [
            "4"
          ],
          "url": "https://apps.apple.com/us/app/microsoft-excel/id586683407?platform=mac"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalsScore": 0.0,
            "exploitCodeMaturity": "UNPROVEN",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "remediationLevel": "OFFICIAL_FIX",
            "reportConfidence": "CONFIRMED",
            "scope": "UNCHANGED",
            "temporalScore": 6.2,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2",
            "3",
            "4",
            "5",
            "6",
            "7",
            "8",
            "9",
            "10",
            "11",
            "12",
            "13",
            "14",
            "15",
            "16",
            "17",
            "18",
            "19",
            "20"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Information Disclosure"
        },
        {
          "category": "exploit_status",
          "details": "Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely"
        }
      ],
      "title": "M365 Copilot Information Disclosure Vulnerability"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-26133 (GCVE-0-2026-26133)

CERTFR-2026-AVI-0294

Solutions

CERTFR-2026-AVI-0293

Solutions

CERTFR-2026-AVI-0295

Solutions

FKIE_CVE-2026-26133

GHSA-RJF5-CXRF-4RVW

MSRC_CVE-2026-26133

Tags

Sightings

Nomenclature