Cyber Posture

CVE-2026-26136

MediumRCE

Published: 19 March 2026

Published
19 March 2026
Modified
01 April 2026
KEV Added
Patch
CVSS Score 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS Score 0.0008 23.3th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-26136 is a medium-severity Command Injection (CWE-77) vulnerability in Microsoft Copilot. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked at the 23.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as Enterprise AI Assistants.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly mandates validation and sanitization of external inputs to neutralize special elements and prevent command injection vulnerabilities like CVE-2026-26136.

SI-2 Flaw Remediation good match
prevent

Requires timely remediation of identified flaws, including applying vendor patches for the specific command injection issue in Microsoft Copilot.

RA-5 Vulnerability Monitoring and Scanning good match
detect

Vulnerability scanning identifies command injection flaws such as CVE-2026-26136 in applications like Copilot for subsequent remediation.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
T1059.003 Windows Command Shell Execution
Adversaries may abuse the Windows command shell for execution.
attack.mitre.org →
T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
attack.mitre.org →
Why these techniques?

Command injection (CWE-77) in client-facing Microsoft Copilot directly enables T1203 exploitation for client execution (UI:R) and T1059.003 arbitrary command execution on Windows, facilitating T1005 local data collection for the observed C:H impact.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to disclose information over a network.

Deeper analysisAI

CVE-2026-26136 is a command injection vulnerability (CWE-77) in Microsoft Copilot caused by improper neutralization of special elements used in a command. This flaw allows unauthorized attackers to disclose information over a network and carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N). The vulnerability was published on 2026-03-19.

An unauthorized attacker with network access can exploit this vulnerability with low attack complexity but requires user interaction to succeed. Exploitation enables the attacker to achieve high-impact information disclosure over the network, without compromising integrity or availability.

The Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26136 provides details on mitigation and patches.

Details

CWE(s)
CWE-77

Affected Products

microsoft
copilot
all versions

AI Security AnalysisAI

AI Category
Enterprise AI Assistants
Risk Domain
N/A
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: copilot

CVEs Like This One

CVE-2026-21518Same vendor: Microsoft
CVE-2026-21516Same vendor: Microsoft
CVE-2026-32183Same vendor: Microsoft
CVE-2025-53787Same vendor: Microsoft
CVE-2026-26133Same vendor: Microsoft
CVE-2026-21257Same vendor: Microsoft
CVE-2026-21520Same vendor: Microsoft
CVE-2026-32194Same vendor: Microsoft
CVE-2026-20841Same vendor: Microsoft
CVE-2026-21256Same vendor: Microsoft

References