Impact
An improper neutralization of special elements used in a command (CWE-77) in Copilot Chat enables an unauthorized attacker to run arbitrary commands, which can cause sensitive information to be disclosed over a network. The weakness results in an information-disclosure vulnerability that could allow attackers to exfiltrate data or learn internal system details without needing elevated privileges. A flaw of this type may compromise the confidentiality of data handled by the application.
Affected Systems
Microsoft Copilot Chat, a feature of Microsoft Edge. The current advisory gives no specific product version details, so the issue may affect any installation that currently contains the Copilot Chat component of Microsoft Edge.
Risk and Exploitability
The CVSS score for this vulnerability is 7.5, indicating high severity. No EPSS score is available, and the vulnerability is not listed in CISA's KEV catalog, suggesting that while the flaw is serious, there is limited publicly reported exploitation at this time. The attack vector is likely remote, inferred from the description that disclosure occurs over a network and that an unauthorized attacker could exploit the command injection. Exploitation would require the attacker to interact with the Copilot Chat interface or supply crafted input that triggers the command injection, after which the application may transmit the leaked information to the attacker.
OpenCVE Enrichment