Sign In Get Started

Security NewsHighIncidentvulnerability

CVE-2026-33102 Microsoft 365 Copilot Elevation of Privilege Vulnerability

UnknownApr 23, 2026(12 days ago)

M365 Copilot has an elevation of privilege vulnerability due to an open redirect, allowing unauthorized privilege escalation.

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

Related CVEs

Potentially Affected Vendors

Microsoft Azure

Vendors are matched automatically based on AI analysis. Verify with official sources.

Related News

Rare appeal may shed light on compensable time for remote employees

Unknownin about 7 hours

Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison

Unknown31 minutes ago

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

Unknown40 minutes ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.