Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vectorReferenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21520
