- Description
- Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
- Source
- secure@microsoft.com
- NVD status
- Modified
- CNA Tags
- exclusively-hosted-service
- Products
- 365_copilot
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
- secure@microsoft.com
- CWE-74
- Hype score
- Not currently trending
🥜✉️📂 Microsoft 365 Copilotの最近揃って語られる2つの問題 ✉️EchoLeak CVE-2025-32711 📂CW1226324 原因を技術的に見ると全然違うレイヤーの課題だったよ EchoLeak(2025年6月パッチ) zero-click prompt injectionで悪意メール1
@yuzuno_oobaka
25 Feb 2026
117 Impressions
0 Retweets
1 Like
0 Bookmarks
7 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-32711 2 - CVE-2026-1731 3 - CVE-2025-61732 4 - CVE-2026-20817 5 - CVE-2026-25526 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
10 Feb 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
1 Feb 2026
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
29 Jan 2026
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
27 Jan 2026
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
26 Jan 2026
73 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
24 Jan 2026
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
23 Jan 2026
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
22 Jan 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
20 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
19 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2023-20198 2 - CVE-2025-32711 3 - CVE-2025-20393 4 - CVE-2025-61728 5 - CVE-2026-22812 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
18 Jan 2026
136 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 EchoLeak: The invisible threat inside Microsoft 365 Copilot! **What people saw:** A routine Copilot feature in Microsoft 365, seamlessly assisting employees with day-to-day tasks, seemed benign. **What was actually happening:** EchoLeak (CVE-2025-32711), a critical https:/
@photogrim_
14 Jan 2026
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
14 Jan 2026
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
10 Jan 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
7 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
5 Jan 2026
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
1 Jan 2026
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
29 Dec 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
25 Dec 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
21 Dec 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
17 Dec 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
14 Dec 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
8 Dec 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
5 Dec 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
2 Dec 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/naIEPV5aBD "
@raisinadialogue
30 Nov 2025
182 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
29 Nov 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
24 Nov 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXcE9
@orfgeotech
20 Nov 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy7mM7 "
@orfonline
20 Nov 2025
339 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/kaifoaXKtH
@orfgeotech
19 Nov 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Zero-click #LLM attacks are here. #EchoLeak (CVE-2025-32711) hijacked #Microsoft Copilot with no user action. Hidden prompts → scope violation → silent data exfiltration. Protect with: patching, strict filters, least-privilege, monitoring, red-team tests. #AIsecurity #
@consult_secnuo
18 Nov 2025
2 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
EchoLeak (CVE-2025-32711) proves agentic #AI threats are no longer theoretical, says @radware's Pascal Geenens. Hidden prompt injections in routine tasks can exfiltrate enterprise data via Copilot or chat agents. #cybersecurity #infosec #ITsecurity https://t.co/kxpwhC6XUR
@SCMagazine
16 Nov 2025
678 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
1 Quote
"The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/naIEPV5aBD "
@raisinadialogue
12 Nov 2025
168 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-24200 2 - CVE-2025-32711 3 - CVE-2013-3219 4 - CVE-2021-4034 5 - CVE-2007-6249 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
10 Nov 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRawjgC
@ORFMumbai
10 Nov 2025
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy6OWz "
@orfonline
9 Nov 2025
396 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRavLr4
@ORFMumbai
4 Nov 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRavLr4
@ORFMumbai
1 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRawjgC
@ORFMumbai
24 Oct 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy7mM7 "
@orfonline
22 Oct 2025
356 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRawjgC
@ORFMumbai
22 Oct 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft 365 Copilot Flaw Explained: How 'EchoLeak' (CVE-2025-32711) Steals Your Data with a Single Email Read the full report on - https://t.co/K92u6IBvOC https://t.co/XK2RTFdqxl
@cyberbivash
21 Oct 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/mGCZRavLr4
@ORFMumbai
21 Oct 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy7mM7
@orfonline
19 Oct 2025
416 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy6OWz
@orfonline
18 Oct 2025
518 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy6OWz
@orfonline
17 Oct 2025
353 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy6OWz
@orfonline
17 Oct 2025
394 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
The #EchoLeak vulnerability (CVE-2025-32711) exposes how AI CoPilots like #Microsoft365 can become silent conduits for data theft and hybrid warfare: @SoumyaAwasthi17 https://t.co/GIyPYy6OWz
@orfonline
16 Oct 2025
318 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_copilot:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A390D9-7457-430A-82CC-A24DA275BF06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]