CVE-2026-26137 - CERT CVE

  1. CVE-2026-26137

ID CVE-2026-26137
Sažetak Server-side request forgery (ssrf) in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privileges over a network.
Reference
CVSS
Base: 8.9
Impact: 6.0
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Zadnje važnije ažuriranje 19-03-2026 - 21:17
Objavljeno 19-03-2026 - 21:17