776 matches found
Securing and governing the rise of autonomous agents
In this blog, you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer (CISO) for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most...
Safeguarding VS Code against prompt injections
The Copilot Chat extension for VS Code has been evolving rapidly over the past few months, adding a wide range of new features. Its new agent mode lets you use multiple large language models (LLMs), built-in tools, and MCP servers to write code, make commit requests, and integrate with external...
Malicious code in global-copilot-menu (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-41387 Malicious code in global-copilot-menu (npm)
The package communicates with a domain associated with malicious activity...
CVE-2025-53773
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...
Microsoft GitHub Copilot Remote Code Execution Vulnerability
GitHub Copilot is an AI-driven code assistant developed by Microsoft, widely used in Visual Studio Code, Visual Studio and other development environments, providing intelligent code completion and generation services for millions of developers worldwide. Microsoft GitHub Copilot remote code...
Exploit for Command Injection in Microsoft
💥 CVE-2025-53773 — Remote Code Execution in GitHub Copilot 💥...
CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...
CVE-2025-53773
CVE-2025-53773 describes a command-injection-based remote code execution risk in GitHub Copilot and Visual Studio. The root cause is improper neutralization of elements in prompts/config that Copilot can read and act on, potentially allowing an attacker to cause Copilot to modify project configur...
Dow’s 125-year legacy: Innovating with AI to secure a long future
Founded more than 125 years ago, Dow has demonstrated a commitment to leveraging science to make the world a better place. Today, Dow’s ambition to be the most innovative, inclusive, and sustainable materials science company is supported by a global security team dedicated to keeping employees,...
GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...
Microsoft GitHub Copilot and Visual Studio Command Injection Vulnerability
GitHub Copilot is an AI-driven code assistant developed by Microsoft, widely used in Visual Studio Code, Visual Studio and other development environments, providing intelligent code completion and generation services for millions of developers worldwide. Microsoft GitHub Copilot remote code...
KLA86588 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Web Deploy can be exploited remotely to execute arbitrary code. 2...
Power Pwn 4.0.1
Power Pwn is a powerful open‑source toolset designed for red‑teaming and security testing within the Microsoft 365 environment, particularly around Copilot, Copilot Studio, and the Power Platform...
CVE-2025-53774
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability...
CVE-2025-53787
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability...