All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-41106
CRITICALpublished 2026-07-02 23:16 UTC · 2 days ago
9.3
CVSS / 10
// description
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
// weaknesses (CWE)
- CWE-601