Microsoft 365 Copilot Enterprise SearchLeak remote code execution flaw (CVE-2026-42824)
Vulnerability
Summary
Microsoft 365 Copilot Enterprise Search flaw chain SearchLeak could expose mailbox, OneDrive, and SharePoint data through a specially crafted URL; Microsoft fixed CVE-2026-42824 at the beginning of the month.
Related Happenings
KongTuke Microsoft Teams initial access campaign
Campaign
H score 42
First: 14.05.2026 15:12
Last: 14.05.2026 15:12
Sources 1
About this happening:
The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...
Microsoft Windows 365 Office installation disruption
Service Disruption
H score 13
First: 13.05.2026 14:53
Last: 13.05.2026 14:53
Sources 1
About this happening:
The **Windows 365** service update has introduced a **configuration change** that is blocking **Office downloads and installs** for some customers, disrupting access on cloud PCs....
Storm-1175 high-tempo Medusa ransomware campaign
Campaign
H score 62
First: 07.04.2026 13:02
Last: 07.04.2026 13:02
Sources 1
About this happening:
**Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...
Microsoft expands Purview DLP enforcement for Copilot across local and cloud Office files
Security Tool/Service
H score 10
First: 24.02.2026 19:30
Last: 24.02.2026 19:30
Sources 1
About this happening:
Microsoft is expanding **Purview DLP** so **Microsoft 365 Copilot** cannot process restricted **Word, Excel, and PowerPoint** files stored on **local devices, SharePoint, or OneDr...
Microsoft 365 Copilot work tab DLP bypass security flaw
Vulnerability
H score 14
First: 18.02.2026 14:03
Last: 18.02.2026 14:03
Sources 1
About this happening:
**Microsoft 365 Copilot** has a **DLP-bypass vulnerability** in its **work tab chat** that can summarize confidential email content, creating a risk that protected messages are pr...
Timeline
- 15.06.2026 16:00 · 2 articles
SearchLeak chains Copilot Enterprise flaws to steal mailbox and SharePoint data
Initial Disclosure
Varonis describes SearchLeak, a three-stage attack chain in Microsoft 365 Copilot Enterprise that combines parameter-to-prompt injection, an HTML rendering race condition, and a Bing SSRF/CSP bypass to exfiltrate mailbox, OneDrive, or SharePoint data through a specially crafted URL. Microsoft assigned CVE-2026-42824 a critical rating and has already fixed it, with no user action required to mitigate the threat.
Sources:
- New attack turned Microsoft 365 Copilot into 1-click data theft tool — www.bleepingcomputer.com — 15.06.2026 16:00
- New attack turned Microsoft 365 Copilot into 1-click data theft tool — www.bleepingcomputer.com — 15.06.2026 16:00