CVE-2026-33102
Published: 23 April 2026
Summary
CVE-2026-33102 is a critical-severity Open Redirect (CWE-601) vulnerability in Microsoft 365 Copilot. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Spearphishing Link (T1566.002). It is ranked at the 15.2nd percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as Enterprise AI Assistants.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI]
- Requires timely identification, reporting, and patching of the specific open redirect flaw in M365 Copilot, directly eliminating the vulnerability.
- SI-10 (Information Input Validation): mandates validation of URL inputs to block redirection to untrusted sites, preventing the core exploitation mechanism of this CVE.
- SI-15 (Information Output Filtering): filters output containing redirect URLs so that only trusted destinations are allowed, directly mitigating unauthorized privilege elevation via open redirects.
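In code, the input-validation control above (SI-10) reduces to an allowlist check on the redirect target before the application emits a Location header. The Python below is an added example written for this page; it is not Microsoft code and does not reproduce the Copilot flaw. The ALLOWED_HOSTS set, the sample targets and the two handler functions are constructed assumptions; the check rejects the common bypasses of a naive "same host" test (scheme-relative //host, backslash, userinfo @, non-https schemes, control characters).

```python
from urllib.parse import urlsplit

# Constructed allowlist of hosts this application may redirect to (assumption).
ALLOWED_HOSTS = {"app.example.com", "login.example.com"}


def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Return True only for a same-site relative path or an absolute https URL
    whose host is on the allowlist. Everything else is treated as untrusted."""
    if not target:
        return False
    # Reject control characters and backslashes before parsing: urlsplit strips
    # tabs/newlines and browsers treat "\" as "/", both of which hide bypasses.
    if any(ord(c) < 0x20 for c in target) or "\\" in target:
        return False
    target = target.strip()
    parts = urlsplit(target)

    # Relative path: must start with exactly one slash. "//evil.example" parses
    # as a scheme-relative URL, so it has a netloc and never reaches this branch.
    if not parts.scheme and not parts.netloc:
        return target.startswith("/") and not target.startswith("//")

    # Absolute URL: require https and an allowlisted host.
    if parts.scheme.lower() != "https":
        return False
    if "@" in parts.netloc:          # userinfo trick: https://good@evil
        return False
    host = parts.hostname           # lower-cased, without port or userinfo
    return host is not None and host in allowed_hosts


def resolve_redirect(target: str, fallback: str = "/") -> str:
    """Hardened handler: emit the requested target only if it passes the
    allowlist, otherwise fall back to a fixed, safe in-app location."""
    return target if is_safe_redirect(target) else fallback


def vulnerable_redirect(target: str) -> str:
    """The CWE-601 pattern: the user-controlled parameter is used as the
    redirect destination without any validation (shown for contrast)."""
    return target


def audit_targets(targets):
    """Classify a batch of redirect parameters as allowed or blocked, the way a
    log review of 'redirect_uri'-style parameters might be summarised."""
    allowed = [t for t in targets if is_safe_redirect(t)]
    blocked = [t for t in targets if not is_safe_redirect(t)]
    return {"allowed": allowed, "blocked": blocked}


if __name__ == "__main__":
    # Constructed sample inputs: two legitimate targets and typical bypass attempts.
    samples = [
        "/dashboard",
        "https://app.example.com/inbox?folder=1",
        "//evil.example/",
        "https://evil.example/app.example.com",
        "https://app.example.com@evil.example/",
        "http://app.example.com/",
        "javascript:alert(1)",
        "/\\evil.example",
    ]
    for s in samples:
        print(f"{s!r:45} vulnerable -> {vulnerable_redirect(s)!r:45} hardened -> {resolve_redirect(s)!r}")
    print(audit_targets(samples))
```

The allowlist is deliberately a set of exact host names rather than a suffix match: a suffix check such as `host.endswith("example.com")` would accept `app.example.com.evil.example` and reintroduce the flaw. The fallback destination is a fixed in-app path, so a rejected parameter never produces a redirect to any attacker-chosen location.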
MITRE ATT&CK Enterprise Techniques [AI]
Why these techniques?
An open redirect (CWE-601) in a cloud SaaS component is abused by crafting links on a trusted domain that redirect users to attacker-controlled sites. This is the canonical enabler for spearphishing links (T1566.002) and matches the exploitation path described by the vector: user interaction required (UI:R), no privileges required (PR:N), network-reachable (AV:N).
NVD Description
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Deeper analysis [AI]
CVE-2026-33102 is an open redirect vulnerability (CWE-601) affecting M365 Copilot, a component of Microsoft 365. The flaw enables URL redirection to untrusted sites, which an unauthorized attacker can exploit over a network to elevate privileges. It has a CVSS v3.1 base score of 9.3 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N); the critical rating follows from high confidentiality and integrity impacts combined with a change in scope (S:C), meaning the affected component can impact resources beyond its own security authority.
An unauthorized attacker with network access can exploit this vulnerability by tricking a user into interacting with a malicious link or redirect (UI:R). No prior privileges are needed (PR:N) and the attack has low complexity (AC:L). Successful exploitation allows privilege elevation, potentially leading to high-impact unauthorized access to sensitive data or actions within the M365 environment.
Microsoft's Security Response Center (MSRC) provides mitigation guidance and patch details in its update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33102. Security practitioners should consult this advisory for deployment instructions and verify that the update has been applied.
This vulnerability occurs in M365 Copilot, an AI-powered productivity tool, and highlights a risk in AI-integrated enterprise software: an open redirect on a trusted, widely used domain lends credibility to phishing and social engineering lures. No public evidence of real-world exploitation was available as of publication on 2026-04-23.
Details
- CWE(s): CWE-601 (URL Redirection to Untrusted Site, 'Open Redirect')
- Affected Products: Microsoft 365 Copilot (M365 Copilot)
AI Security Analysis [AI]
- AI Category: Enterprise AI Assistants
- Risk Domain: N/A
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: copilot