Open Redirect Vulnerability in Microsoft 365 Copilot
CVE-2026-41106
9.3CRITICAL
What is CVE-2026-41106?
An open redirect vulnerability in Microsoft 365 Copilot enables an unauthorized attacker to redirect users to untrusted sites. This security issue could potentially allow the attacker to elevate privileges over a network, posing a significant risk to users and organizations. It's crucial to address this vulnerability promptly to maintain the integrity and security of the Microsoft 365 Copilot environment.
Affected Version(s)
Microsoft 365 Copilot -