145 matches found
CVE-2025-62453
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...
CVE-2025-62453
CVE-2025-62453 affects GitHub Copilot and Visual Studio Code due to improper validation of generative AI output, enabling an authorized local attacker to bypass a security feature. Multiple sources corroborate a security feature bypass vulnerability in Visual Studio Code and Copilot Chat, with im...
EUVD-2025-93392
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...
CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
...
GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...
Microsoft GitHub Copilot and Visual Studio Code 安全漏洞
Microsoft GitHub Copilot and Visual Studio Code is a combination of intelligent coding tools from Microsoft Corporation USA. A security vulnerability exists in Microsoft GitHub Copilot and Visual Studio Code. An attacker exploiting the vulnerability could bypass certain features...
PT-2025-46517
Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description A security feature bypass can occur due to improper validation of generative AI output in GitHub Copilot and Visual Studio Code. An authorized attacker can explo...
KLA90062 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...
EUVD-2025-24366
Malicious code in bioql PyPI...
Empowering defenders in the era of agentic AI with Microsoft Sentinel
Microsoft unveils a new wave of security innovation—delivering an agentic platform to protect organizations at scale We are living through a turning point in how organizations work and defend themselves. Across industries, “Frontier Firms” are emerging; these are businesses where humans and AI...
CVE-2025-58401
Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account...
Obsidian GitHub Copilot Plugin 安全漏洞
Obsidian GitHub Copilot Plugin is a Github Copilot plugin by the individual developer Pierre-Adrien Vasseur. A security vulnerability exists in versions of Obsidian GitHub Copilot Plugin prior to 1.1.7, which stems from storing Github API tokens in clear-text form, which could lead to unauthorize...
Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair
Large Language Model LLM - based Automated Program Repair APR systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...
CVE-2025-53773
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...
Exploit for Command Injection in Microsoft
💥 CVE-2025-53773 — Remote Code Execution in GitHub Copilot 💥...
CVE-2025-53773
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...
CVE-2025-53773
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...
CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...
CVE-2025-53773
CVE-2025-53773 describes a command-injection-based remote code execution risk in GitHub Copilot and Visual Studio. The root cause is improper neutralization of elements in prompts/config that Copilot can read and act on, potentially allowing an attacker to cause Copilot to modify project configur...
CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...