CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-47645

highCVSS 8.8covered by 1 sourcefirst seen 2026-06-09
Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.

CSIRTS triage

What
An open redirect vulnerability allows unauthorized privilege elevation.
Who is affected
Users of Microsoft 365 Copilot's Business Chat are affected.
Urgency
High urgency for remediation due to the potential for privilege escalation and a CVSS score of 8.8.
Action
Apply the latest security updates to Microsoft 365 Copilot.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-47645

Get an email if CVE-2026-47645 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-47645

CVE.org record

Embed the live status

CVE-2026-47645 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-47645 status](https://www.csirts.com/badge/CVE-2026-47645)](https://www.csirts.com/cve/CVE-2026-47645)