AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-26133: AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

highvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseMarch 16, 2026CVE-2026-26133

Summary

CVE-2026-26133 is a vulnerability in Microsoft 365 Copilot where an attacker can use AI command injection (tricking the AI system by embedding hidden commands in normal-looking input) to access and disclose information over a network without authorization. The vulnerability has a CVSS score (a 0-10 rating of how severe a security flaw is) of 4.0, indicating moderate severity.

Vulnerability Details

CVSS Score

7.1(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Attack Vector

network

Attack Complexity

low

Privileges Required

none

User Interaction

required

Disclosure Date

March 16, 2026

Classification

Attack Type

Prompt Injection

Attack SophisticationModerate

Impact (CIA+S)

confidentialityintegrity

Taxonomy References

MITRE ATLAS (AI/ML Threat Technique)

AML.T0051

Affected Vendors

Microsoft

Related Issues

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

Similar attackEmbrace The Red

info

Tech Giants Invest $12.5 Million in Open Source Security

Same vendorSecurityWeek

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-26133

First tracked: March 16, 2026 at 12:07 PM

Classified by LLM (prompt v3) · confidence: 85%