Cyber Resilience

CVE-2026-33111

Severity: High
Impact: Information disclosure (CVSS confidentiality High, integrity None, availability None)

Published: 07 May 2026
Modified: 14 May 2026
KEV Added: not listed
Patch: none recorded
CVSS v3.1 base score: 7.5 (High), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS score: 0.0006 (20.2nd percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2026-33111 is a high-severity Command Injection (CWE-77) vulnerability in Microsoft Copilot Chat (Microsoft Edge). Its CVSS v3.1 base score is 7.5 (High). The vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) and the vendor description record a network-reachable, unauthenticated, no-user-interaction flaw whose impact is information disclosure only: confidentiality is rated High while integrity and availability are rated None, so despite the command-injection weakness class the recorded outcome is disclosure, not remote code execution.

Operationally, exploitation is mapped to the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). The EPSS ranking places it at the 20.2nd percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised under Enterprise AI Assistants, in the Privacy and Disclosure risk domain.

Vulnerability details

Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.

CWE(s)

CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

AI Security Analysis

AI Category
Enterprise AI Assistants
Risk Domain
Privacy and Disclosure
OWASP Top 10 for LLMs 2025
None mapped
Classification Reason
Matched keywords: copilot

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
T1203 Exploitation for Client Execution (Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.
Why these techniques?

The mapping follows the weakness class: command injection (CWE-77) is modelled as leading to command execution (T1059), reached through client-side exploitation of Edge (T1203). Note, however, that this page's own CVSS vector (C:H/I:N/A:N) and the vendor description record information disclosure with no integrity or availability impact, so the execution techniques are an inference from the CWE rather than a confirmed outcome of this CVE; treat them accordingly when building detections or prioritising response.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-21518 (same vendor: Microsoft)
CVE-2026-21516 (same vendor: Microsoft)
CVE-2026-21256 (same vendor: Microsoft)
CVE-2026-21257 (same vendor: Microsoft)
CVE-2026-21520 (same vendor: Microsoft)
CVE-2026-42893 (same vendor: Microsoft)
CVE-2026-26136 (same vendor: Microsoft)
CVE-2025-62222 (same vendor: Microsoft)
CVE-2025-53787 (same vendor: Microsoft)
CVE-2026-26133 (same vendor: Microsoft)

Affected Assets

Vendor: Microsoft
Product: Copilot Chat
Versions: all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
