CVE-2026-41090 | Microsoft 365 Copilot for iOS command injection

A vulnerability marked as critical has been reported in Microsoft 365 Copilot for iOS. This affects an unknown function. The manipulation leads to command injection.

This vulnerability is referenced as CVE-2026-41090. Remote exploitation of the attack is possible. No exploit is available.

This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.VulDB Recent EntriesRead More