Microsoft fixed CVE-2026-42824, a Microsoft 365 Copilot information-disclosure vulnerability disclosed in June 2026, after Varonis researchers described a one-click “SearchLeak” attack chain that abused Copilot Search, browser rendering behavior, and Microsoft service trust to leak enterprise...
ai governance
ai security
ai security training
cloud security
copilot enterprise
copilot security
copilotvulnerabilities
cve-2026-42824
data exfiltration
enterprise governance
enterprise search
enterprise security
information disclosure
mfa code risk
microsoft 365
microsoft 365 copilot
microsoft 365 security
microsoft copilot
prompt injection
searchleak vulnerability
threat research