SearchLeak puts Copilot review habits under new pressure
Reviewed by Helen Jones
Varonis disclosed SearchLeak on 15 June 2026, a vulnerability chain affecting Microsoft 365 Copilot Enterprise Search. A crafted Microsoft 365 search URL could make Copilot query content the user could access, including mail, calendar items, SharePoint, and OneDrive content, and send selected results out through an image request. Microsoft remediated the flaw as CVE-2026-42824 before disclosure, so the specific attack path is now fixed.
Before this disclosure, many Copilot users treated output review as a writing-quality check: is the summary accurate, is the tone right, and are the facts usable? That is not enough when the assistant can search across company files and mailboxes. The incident gives adoption leads a practical reason to add data-scope checks to every Copilot habit. A useful Copilot draft should not leave the team wondering which files, meetings, or mailboxes the answer used.
Analysis
Add one line to your Copilot review checklist: “What sources were in scope?” Ask users to name the files, meetings, or mailbox context they expected Copilot to use before sharing any AI-assisted summary or draft.
Pulse published by Collab365 Spaces, reviewed by Helen Jones on . Cite as "SearchLeak puts Copilot review habits under new pressure", Collab365 Spaces. 1 source referenced.