A critical vulnerability chain named SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL. Microsoft addressed SearchLeak at the beginning of the month and assigned it the CVE-2026-42824 identifier with a maximum severity, critical rating. Researchers at Varonis developed SearchLeak by chaining three flaws: a parameter-to-prompt injection, an HTML rendering race condition, and a content-security-policy (CSP) bypass enabled by Bing server-side request forgery (SSRF). The attack exploits a parameter-to-prompt injection weakness by leveraging how Microsoft 365 Copilot Search accepts the ‘q’ URL parameter for search queries. An attacker crafts a URL that tells Copilot to search the user's emails, extract the title, and embed it in an image URL. The victim clicks a link, and Copilot executes the instructions. In the second stage, an attacker exploits an HTML rendering race condition, where raw HTML is temporarily rendered before sanitization, allowing an attacker-controlled HTML with an <img> tag to trigger outbound requests. The third part is an SSRF issue in Bing’s “Search by Image” feature, which launches a request to fetch an image from the attacker's endpoint, bypassing CSP protection. With stolen data embedded in the URL, the attacker reads it from their server's request logs.