A vulnerability categorized as critical has been discovered in Microsoft 365 Copilot . This affects an unknown function. Executing a manipulation can lead to command injection. This vulnerability is handled as CVE-2026-42827 . The attack can be executed remotely. There is not any exploit available. This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.