Cyber Posture

CVE-2026-24307

Critical

Published: 22 January 2026
Modified: 12 February 2026
KEV Added: not listed
Patch: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307
CVSS Score: 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)
EPSS Score: 0.0013 (31.7th percentile)
Risk Priority: 19 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-24307 is a critical-severity Improper Validation of Specified Type of Input (CWE-1287) vulnerability in Microsoft 365 Copilot. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation maps to the MITRE ATT&CK technique Sharepoint (T1213.002). Its EPSS score of 0.0013 places it at the 31.7th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Enterprise AI Assistants.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Sharepoint (T1213.002) and three other techniques listed below. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent)
Timely application of vendor patches and updates directly remediates the improper input validation flaw in M365 Copilot, as detailed in the MSRC update guide.

SI-10 Information Input Validation (prevent)
Enforces organization-defined input validation at interfaces, so that improperly typed user-supplied prompts or files reaching Copilot are rejected rather than processed. Because M365 Copilot is a vendor-hosted service, this validation is implemented by Microsoft; from the customer side the control is satisfied by confirming the vendor fix is in place, not by local configuration.

Security alerts and directives (prevent)
Receiving and acting on security alerts and directives from Microsoft ensures prompt awareness of, and action on, the mitigations for this critical CVE.

MITRE ATT&CK Enterprise Techniques

T1213.002 Sharepoint (Collection)
Adversaries may leverage the SharePoint repository as a source to mine valuable information.
T1114.002 Remote Email Collection (Collection)
Adversaries may target an Exchange server, Office 365, or Google Workspace to collect sensitive information.
T1565.001 Stored Data Manipulation (Impact)
Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
T1566.001 Spearphishing Attachment (Initial Access)
Adversaries may send spearphishing emails with a malicious attachment in an attempt to gain access to victim systems.
Why these techniques?

The improper input validation in Microsoft 365 Copilot lets crafted prompts or files, delivered for example as a spearphishing attachment or link, disclose sensitive M365 data such as SharePoint content and remote mailbox contents, and potentially alter stored data. This mapping is inferred from the CWE and the CVSS vector (user interaction required, high confidentiality and integrity impact, no availability impact) rather than from observed exploitation; no public exploitation is recorded in KEV.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

NVD Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Deeper analysis

CVE-2026-24307 is an improper validation of specified type of input vulnerability, classified under CWE-1287, affecting Microsoft 365 Copilot. Published on 2026-01-22, it carries a CVSS v3.1 base score of 9.3 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N). The Critical rating follows from network accessibility, low attack complexity, no privileges required and a changed scope combined with high confidentiality and integrity impact; the one factor holding the score below 10 is that user interaction (UI:R) is required.

An unauthenticated attacker (PR:N) can exploit this vulnerability remotely over the network by tricking a user into interacting with malicious input, such as a crafted prompt or file. Successful exploitation lets the attacker disclose sensitive information and potentially manipulate data integrity; it does not affect availability (A:N).

Microsoft's Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307 details the vulnerability, including recommended mitigations and available patches.

Details

CWE(s): CWE-1287 Improper Validation of Specified Type of Input
Affected Products: Microsoft 365 Copilot, all versions

AI Security Analysis

AI Category: Enterprise AI Assistants
Risk Domain: N/A
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: copilot (a keyword match on the product name, not an analysis of the flaw itself)

CVEs Like This One

CVE-2026-33102 (same product: Microsoft 365 Copilot)
CVE-2026-26115 (same vendor: Microsoft)
CVE-2026-26133 (same product: Microsoft 365 Copilot)
CVE-2026-26164 (same vendor: Microsoft)
CVE-2026-26136 (same vendor: Microsoft)
CVE-2026-21518 (same vendor: Microsoft)
CVE-2025-53787 (same vendor: Microsoft)
CVE-2026-21256 (same vendor: Microsoft)
CVE-2026-21521 (same vendor: Microsoft)
CVE-2026-21257 (same vendor: Microsoft)
