CVE-2025-53787: Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
Summary
CVE-2025-53787 is an information disclosure vulnerability in Microsoft 365 Copilot BizChat that stems from improper neutralization of special elements used in commands (command injection, where attackers manipulate input to execute unintended commands). The vulnerability allows unauthorized access to sensitive information, though specific attack details are not provided in this source.
Vulnerability Details
8.2(high)
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-53787
First tracked: February 15, 2026 at 08:51 PM
Classified by LLM (prompt v3) · confidence: 85%