Lucene search
K

145 matches found

CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

Microsoft GitHub Copilot and Visual Studio 命令注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are command injection vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to gain higher privileges. The following products...

8CVSS5.8AI score0.00845EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.8 views

PT-2026-7359

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description The software contains a command injection issue due to improper neutralization of special elements used in commands. A successful exploit could allow an authorized...

9CVSS5.8AI score0.00845EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.6 views

PT-2026-7358

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description A flaw exists in the code generation management of the software development tool. Successful exploitation could allow a remote attacker to execute arbitrary code. Thi...

10CVSS5.9AI score0.01101EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/02/02 9:22 a.m.165 views

spec-driven-workflow-poc

Steps for AI setup 1. Create .github folder in the root of th...

5.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/18 12:0 a.m.29 views

A Systematic Study of Code Obfuscation against LLM-Based Vulnerability Detection

As large language models LLMs are increasingly adopted for code vulnerability detection, their reliability and robustness across diverse vulnerability types have become a pressing concern. In traditional adversarial settings, code obfuscation has long been used as a general strategy to bypass...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/12/09 5:56 p.m.3 views

CVE-2025-64671 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

...

8.4CVSS6.6AI score0.0032EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 5:56 p.m.30 views

CVE-2025-64671

CVE-2025-64671 is a remote code execution vulnerability in the GitHub Copilot for JetBrains plugin caused by improper neutralization of command elements (command injection). The Nessus/NVL documentation indicates the issue affects versions prior to 1.5.60; upgrading to 1.5.60 or later is the reme...

8.4CVSS7.1AI score0.0032EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/12/09 5:56 p.m.21 views

CVE-2025-64671 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

...

8.4CVSS0.0032EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2025/12/09 12:0 a.m.8 views

KLA90816 ACE vulnerability in Microsoft Copilot Plugin

A remote code execution vulnerability was found in Microsoft Copilot Studio. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2025-64671 Related products GitHub-Copilot-Plugin CVE list CVE-2025-64671 critical KB list Solution Install necessary...

8.4CVSS8.7AI score0.0032EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/12/06 3:24 p.m.12 views

Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Over 30 security vulnerabilities have been disclosed in various artificial intelligence AI-powered Integrated Development Environments IDEs that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution. The security shortcomings have been...

9.8CVSS8.7AI score0.06583EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/11/21 10:35 p.m.8 views

CVE-2025-64660

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network...

8CVSS7.4AI score0.00486EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/21 12:30 a.m.6 views

EUVD-2025-198368

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature over a network...

5.7CVSS6.4AI score0.00486EPSS
Exploits0References2
NVD
NVD
added 2025/11/20 11:15 p.m.5 views

CVE-2025-64660

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network...

8CVSS0.00486EPSS
Exploits0References1
OSV
OSV
added 2025/11/20 11:15 p.m.10 views

CVE-2025-64660

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network...

8CVSS7.2AI score0.00486EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/20 10:18 p.m.2 views

CVE-2025-64660 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS6.6AI score0.00486EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/20 10:18 p.m.42 views

CVE-2025-64660 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS0.00486EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/20 8:0 a.m.86 views

GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network...

8CVSS7.4AI score0.00486EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/11/20 12:0 a.m.8 views

PT-2025-47646

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description An issue with access control exists in GitHub Copilot and Visual Studio Code. This allows an authorized attacker to bypass a security feature over a network...

9CVSS6.5AI score0.00486EPSS
Exploits0References12
Krebs on Security
Krebs on Security
added 2025/11/16 9:47 p.m.12 views

Microsoft Patch Tuesday, November 2025 Edition

Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being exploited. Microsoft also fixed a glitch that prevented some Windows 10 users from taking advantage of...

7.8CVSS7AI score0.061EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2025/11/14 12:0 a.m.12 views

Security Update for Microsoft Visual Studio Code (November 2025)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.105.1. It is, therefore, affected by security feature bypass vulnerability. Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a...

5CVSS6.2AI score0.00411EPSS
Exploits0References3
Rows per page
Query Builder