Primary

Context

Microsoft 365 Copilot Spoofing Vulnerability

Vulnerability

A spoofing vulnerability has been identified in Microsoft 365 Copilot for Android, stemming from improper access control. This vulnerability allows an authorized attacker to perform spoofing locally. While the vulnerability could lead to some loss of confidentiality and integrity, it does not affect availability.

Impact

Exploitation of this vulnerability could allow an authorized attacker to spoof identities or information within the application.

Remediation

Users are advised to download the latest security update for Microsoft 365 Copilot for Android, available on the Google Play Store.

Added: May 12, 2026, 7:21 PM

Updated: May 12, 2026, 7:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.3

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.3

remediation

0.0

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft 365 Copilot Spoofing Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Microsoft 365 Copilot

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating