Lucene search
K

825 matches found

Microsoft CVE
Microsoft CVE
added 2025/11/11 8:0 a.m.26 views

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS5.5AI score0.00411EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/11/11 8:0 a.m.9 views

Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability

Improper limitation of a pathname to a restricted directory 'path traversal' in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally...

6.8CVSS5.5AI score0.0046EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/11/11 8:0 a.m.9 views

Agentic AI and Visual Studio Code Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network...

8.8CVSS6AI score0.00735EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.10 views

Microsoft Visual Studio Code 路径遍历漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A path traversal vulnerability exists in Microsoft Visual Studio Code CoPilot Chat Extension. An attacker exploiting this vulnerability could bypass certain functionality...

6.8CVSS5.7AI score0.0046EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46514

Name of the Vulnerable Software and Affected Versions Visual Studio Code CoPilot Chat Extension affected versions not specified Description The Visual Studio Code CoPilot Chat Extension contains a flaw related to improper neutralization of special elements used in commands, potentially leading to...

8.8CVSS5.9AI score0.00735EPSS
Exploits0References9
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.7 views

KLA90062 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...

8.8CVSS7.2AI score0.00978EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46515

Name of the Vulnerable Software and Affected Versions Visual Studio Code CoPilot Chat Extension affected versions not specified Description An issue exists in Visual Studio Code CoPilot Chat Extension related to improper limitation of a pathname to a restricted directory, also known as a 'path...

6.8CVSS5.2AI score0.0046EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.5 views

PT-2025-46517

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description A security feature bypass can occur due to improper validation of generative AI output in GitHub Copilot and Visual Studio Code. An authorized attacker can explo...

5CVSS5.4AI score0.00411EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

Microsoft Visual Studio Code 命令注入漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft Corporation USA. A command injection vulnerability exists in Microsoft Visual Studio Code CoPilot Chat Extension. An attacker can execute code by exploiting this vulnerability...

8.8CVSS6.2AI score0.00735EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

Microsoft GitHub Copilot and Visual Studio Code 安全漏洞

Microsoft GitHub Copilot and Visual Studio Code is a combination of intelligent coding tools from Microsoft Corporation USA. A security vulnerability exists in Microsoft GitHub Copilot and Visual Studio Code. An attacker exploiting the vulnerability could bypass certain features...

5CVSS5.5AI score0.00411EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2025/11/04 5:0 p.m.6 views

​​Learn what generative AI can do for your security operations center

The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...

6.9AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2025/10/21 4:0 p.m.5 views

The new Microsoft Security Store unites partners and innovation

On September 30, 2025, Microsoft announced a bold new vision for security: a unified, AI-powered platform designed to help organizations defend against today’s most sophisticated cyberthreats. But an equally important story—one that’s just beginning to unfold—is how the Microsoft Security Store i...

6.4AI score
Exploits0
CNVD
CNVD
added 2025/10/21 12:0 a.m.1 views

Microsoft 365 Word Copilot Spoofing Vulnerability

Microsoft 365 Word Copilot is an AI assistant from Microsoft Corporation, USA. Microsoft 365 Word Copilot has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...

9.3CVSS6.8AI score0.00521EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/21 12:0 a.m.6 views

Microsoft 365 Copilot Business Chat Spoofing Vulnerability

Microsoft 365 Copilot Business Chat is an AI chat software from Microsoft Corporation, USA. Microsoft 365 Copilot Business Chat has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...

9.3CVSS6.8AI score0.00521EPSS
Exploits0References1
CNVD
CNVD
added 2025/10/21 12:0 a.m.3 views

Microsoft 365 Copilot Business Chat Spoofing Vulnerability (CNVD-2025-25468)

Microsoft 365 Copilot Business Chat is an AI chat software from Microsoft Corporation, USA. Microsoft 365 Copilot Business Chat has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...

9.3CVSS6.8AI score0.00517EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2025/10/14 4:0 p.m.6 views

Microsoft raises the bar: A smarter way to measure AI for cybersecurity

ExCyTIn-Bench is Microsoft’s newest open-source benchmarking tool designed to evaluate how well AI systems perform real-world cybersecurity investigations.1 It helps business leaders assess language models by simulating realistic cyberthreat scenarios and providing clear, actionable insights into...

6.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 10:55 p.m.6 views

copilot-studio-datainsight (>=0.0.1 <=0.0.6), flowise (>=1.6.1 <=2.2.8) potentially affected by CVE-2025-61913 via flowise-components (>=1.3.4 <=2.2.8)

flowise-components NPM version =1.3.4, =0.0.1, =1.6.1, =2.2.8 Source cves: CVE-2025-61913 Source advisory: OSV:GHSA-J44M-5V8F-GC9C...

9.9CVSS5.8AI score0.12115EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/10/10 9:27 p.m.5 views

CVE-2025-59252

M365 Copilot Spoofing Vulnerability...

6.5CVSS7AI score0.00521EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 9:27 p.m.4 views

CVE-2025-59272

Copilot Spoofing Vulnerability...

6.5CVSS7AI score0.00517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/10 9:27 p.m.5 views

CVE-2025-59286

Copilot Spoofing Vulnerability...

6.5CVSS7AI score0.00521EPSS
Exploits0References1
Rows per page
Query Builder