Microsoft 365 Copilot ‘zero-click’ vulnerability enabled information exfiltration – Model Slux
Microsoft patched a “zero-click” flaw in its Microsoft 365 Copilot retrieval-augmented technology (RAG) instrument that would have allowed for exfiltration of delicate information, in keeping with Purpose Safety.The vulnerability is tracked as CVE-2025-32711, which has a crucial CVSS rating of 9.3, Purpose Safety advised SC Media in an e mail. Microsoft stated in its disclosure … Read more
