EXECUTIVE SUMMARY
Microsoft has disclosed three high-severity vulnerabilities affecting Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. The vulnerabilities could allow attackers to exploit prompt injection and command injection weaknesses to access sensitive enterprise data processed by AI-powered services. Microsoft has confirmed that backend mitigations have already been deployed and that the affected cloud services are currently protected.
- CVE: CVE-2026-26129, CVE-2026-26164, CVE-2026-33111
- CVSS Score: 7.5
- Threat Type: Information Disclosure / Prompt Injection Vulnerabilities
- Active Region: Global
- Affected Sector: Enterprise / Corporate Organizations
- Affected Product: Microsoft 365 Copilot, Copilot Chat in Microsoft Edge
- Severity: High
- Published Date: May 11, 2026
TECHNICAL DETAILS
The disclosed vulnerabilities affect the way Microsoft 365 Copilot and Copilot Chat process specially crafted prompts and AI-generated outputs within enterprise environments. By exploiting these weaknesses, attackers could manipulate AI behaviour to retrieve sensitive information from integrated Microsoft 365 services.
- Target: Microsoft 365 Copilot and Copilot Chat integrated with enterprise services such as Outlook, Teams, SharePoint, Word, and Microsoft Edge environments containing sensitive organizational data.
- Root Cause: Improper neutralization and insufficient sanitization of specially crafted inputs and AI-generated outputs, leading to prompt injection,……