CVE Catalog
CVE-2026-47644
MediumCVSS 6.5Summary
In Copilot Chat (Microsoft Edge), improper neutralization of special elements in output can lead to injection vulnerabilities. This allows an unauthorized attacker to disclose information over a network.
Risk Assessment
The organization may be exposed to the risk of confidential data leakage, which can lead to serious legal and reputational consequences.
Recommendation
It is recommended to update the software to the latest version and implement additional security mechanisms to prevent injections.
Original NVD description (English source)
Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.

