CRITICALVulnerability
Verified
Global
NVD CRITICAL: CVE-2026-41106 — Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un...
·Source: NIST NVD
Updated:
Executive Summary
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Analysis
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. CVSS Score: 9.3. Published: 2026-07-02T23:16:50.867.