Vulnerability Details CVE-2026-58617
Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 49.8%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2026-58617
-
cpe:2.3:a:microsoft:365_copilot:2.103.0
-
cpe:2.3:a:microsoft:365_copilot:2.103.1
-
cpe:2.3:a:microsoft:365_copilot:2.103.2
-
cpe:2.3:a:microsoft:365_copilot:2.103.3
-
cpe:2.3:a:microsoft:365_copilot:2.103.4
-
cpe:2.3:a:microsoft:365_copilot:2.104
-
cpe:2.3:a:microsoft:365_copilot:2.104.1
-
cpe:2.3:a:microsoft:365_copilot:2.104.2
-
cpe:2.3:a:microsoft:365_copilot:2.104.3
-
cpe:2.3:a:microsoft:365_copilot:2.104.4
-
cpe:2.3:a:microsoft:365_copilot:2.104.5
-
cpe:2.3:a:microsoft:365_copilot:2.105
-
cpe:2.3:a:microsoft:365_copilot:2.105.1
-
cpe:2.3:a:microsoft:365_copilot:2.106
-
cpe:2.3:a:microsoft:365_copilot:2.106.1
-
cpe:2.3:a:microsoft:365_copilot:2.106.2
-
cpe:2.3:a:microsoft:365_copilot:2.106.3
-
cpe:2.3:a:microsoft:365_copilot:2.107
-
cpe:2.3:a:microsoft:365_copilot:2.107.1
-
cpe:2.3:a:microsoft:365_copilot:2.107.2
-
cpe:2.3:a:microsoft:365_copilot:2.107.3
-
cpe:2.3:a:microsoft:365_copilot:2.107.4
-
cpe:2.3:a:microsoft:365_copilot:2.108
-
cpe:2.3:a:microsoft:365_copilot:2.108.1
-
cpe:2.3:a:microsoft:365_copilot:2.108.2
-
cpe:2.3:a:microsoft:365_copilot:2.108.3