A single click on a Microsoft link could have drained your inbox. Here’s how SearchLeak worked. Security researchers at Varonis uncovered a critical vulnerability chain named SearchLeak in Microsoft 365 Copilot Enterprise Search, which could allow attackers to steal sensitive user data like emails, calendar entries, and indexed files with a single click. The attack leveraged a crafted URL on a legitimate Microsoft domain, bypassing traditional security measures. Microsoft has since mitigated the flaw on its backend, and no customer action was required.

• Varonis Threat Labs discovered a vulnerability chain called SearchLeak in Microsoft 365 Copilot Enterprise Search.
• The attack could allow an attacker to steal emails, calendar entries, and indexed files with a single click.
• SearchLeak exploited a crafted URL on a legitimate microsoft.com domain, making it difficult for security tools to detect.
• The vulnerability chain chained three distinct weaknesses: parameter-to-prompt injection, a race condition in response rendering, and server-side request forgery through Bing.
• The attack’s reach matched the signed-in user’s Microsoft Graph permissions, potentially exposing sensitive time-sensitive data like one-time codes and MFA tokens.
• Microsoft assigned CVE-2026-42824 to the vulnerability and rated it critical, though the CVSS v3.1 base score was 6.5 (medium).
• Microsoft mitigated the flaw on its backend, and no customer action was required.
• This is the second such pattern Varonis has demonstrated against Copilot, following the Reprompt attack.
• The article suggests that prompt injection is making older web vulnerabilities dangerous again in AI systems.
• Varonis recommends monitoring for suspicious Copilot Search URLs and unusual outbound requests to Bing’s image endpoints. Continue reading https://thenextweb.com/news/microsoft-365-copilot-searchleak-one-click-data-exfiltration