A vulnerability categorized as critical has been discovered in Microsoft M365 Copilot . This issue affects some unknown processing. Executing a manipulation can lead to missing authentication. This vulnerability is registered as CVE-2026-54130 . It is possible to launch the attack remotely. No exploit is available. This product is a managed service, so users do not have direct control over vulnerability countermeasures.