{"data":{"id":"bcd1b0b9-ae5a-44b9-b91a-b7b876eb859c","title":"CVE-2025-53787: Microsoft 365 Copilot BizChat Information Disclosure Vulnerability","summary":"CVE-2025-53787 is an information disclosure vulnerability in Microsoft 365 Copilot BizChat that stems from improper neutralization of special elements used in commands (command injection, where attackers manipulate input to execute unintended commands). The vulnerability allows unauthorized access to sensitive information, though specific attack details are not provided in this source.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-53787","publishedAt":"2025-08-07T21:15:28.427Z","cveId":"CVE-2025-53787","cweIds":["CWE-77"],"cvssScore":"8.2","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft 365 Copilot","BizChat"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00116,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}