Microsoft Copilot SearchLeak: One Click Exfiltrates All Indexed Enterprise Data via LLM Prompt Injection
Varonis discovered SearchLeak (CVE-2026-42824) in Microsoft 365 Copilot Enterprise, a three-stage vulnerability chain: P2P injection, an HTML rendering race condition, and SSRF via Bing to bypass CSP. Attackers craft a link carrying malicious URL parameters; when a user clicks it, Copilot exfiltrates sensitive data (emails, SharePoint, OneDrive) through Bing image URLs, evading traditional phishing defenses. Microsoft has released a patch.