CNNVD-202601-3922 Information

CNNVD ID

CNNVD-202601-3922

Related CVE

CVE-2026-21520

• CNNVD Published: 2026-01-22

Description (Chinese)

Microsoft Copilot Studio是美国微软（Microsoft）公司的一个人工智能聊天机器人。 Microsoft Copilot Studio存在命令注入漏洞，该漏洞源于对特殊元素的未正确中和。攻击者利用该漏洞可以通过网络攻击途径查看敏感信息。

Description (English)

Microsoft Copilot Studio is an artificial smart chat robot of Microsoft (MS) America. Microsoft Copilot Studio has ordered a loophole, which originates from an incorrect combination of special elements. The attackers used the loophole to view sensitive information via cyberattacks.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

微软

Published

2026-01-22

Last Modified

2026-02-24

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21520

Patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21520