BREAKING
One-Click Copilot Leak: CVE-2026-42824
SearchLeak exfiltrates with one click
The three-stage attack chain
1P2P Injection
2Race condition
3SSRF exfil
How SearchLeak compares
SearchLeakVaronis
Enterprise Search
One click
EchoLeakAim Security
M365 Copilot
Zero-click
0
Microsoft CVSS
0
NVD score
Fixed; no customer action needed
AI NEWS BLITZ
Microsoft has patched a one-click data leak flaw in M365 Copilot Enterprise Search.