Lucene search
K

145 matches found

OSV
OSV
added 2025/11/11 6:15 p.m.7 views

CVE-2025-62453

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS6.8AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2025/11/11 5:59 p.m.40 views

CVE-2025-62453

CVE-2025-62453 affects GitHub Copilot and Visual Studio Code due to improper validation of generative AI output, enabling an authorized local attacker to bypass a security feature. Multiple sources corroborate a security feature bypass vulnerability in Visual Studio Code and Copilot Chat, with im...

5CVSS5.4AI score0.00409EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/11 5:59 p.m.7 views

EUVD-2025-93392

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS5.3AI score0.00409EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/11 5:59 p.m.10 views

CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

5CVSS0.00409EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2025/11/11 8:0 a.m.29 views

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS5.5AI score0.00409EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

Microsoft GitHub Copilot and Visual Studio Code 安全漏洞

Microsoft GitHub Copilot and Visual Studio Code is a combination of intelligent coding tools from Microsoft Corporation USA. A security vulnerability exists in Microsoft GitHub Copilot and Visual Studio Code. An attacker exploiting the vulnerability could bypass certain features...

5CVSS5.5AI score0.00409EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46517

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description A security feature bypass can occur due to improper validation of generative AI output in GitHub Copilot and Visual Studio Code. An authorized attacker can explo...

5CVSS5.4AI score0.00409EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2025/11/11 12:0 a.m.7 views

KLA90062 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...

8.8CVSS7.2AI score0.01014EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-24366

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.02559EPSS
Exploits2References1
Microsoft Secure
Microsoft Secure
added 2025/09/30 1:0 p.m.8 views

Empowering defenders in the era of agentic AI with Microsoft Sentinel

Microsoft unveils a new wave of security innovation—delivering an agentic platform to protect organizations at scale We are living through a turning point in how organizations work and defend themselves. Across industries, “Frontier Firms” are emerging; these are businesses where humans and AI...

7.1AI score
Exploits0
NVD
NVD
added 2025/09/05 5:15 a.m.29 views

CVE-2025-58401

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account...

6.8CVSS0.00094EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.5 views

Obsidian GitHub Copilot Plugin 安全漏洞

Obsidian GitHub Copilot Plugin is a Github Copilot plugin by the individual developer Pierre-Adrien Vasseur. A security vulnerability exists in versions of Obsidian GitHub Copilot Plugin prior to 1.1.7, which stems from storing Github API tokens in clear-text form, which could lead to unauthorize...

6.8CVSS6.4AI score0.00094EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/09/04 12:0 a.m.4 views

Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair

Large Language Model LLM - based Automated Program Repair APR systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/14 6:23 p.m.3 views

CVE-2025-53773

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...

7.8CVSS7.7AI score0.02559EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2025/08/13 4:58 p.m.366 views

Exploit for Command Injection in Microsoft

💥 CVE-2025-53773 — Remote Code Execution in GitHub Copilot 💥...

7.8CVSS8.2AI score0.02559EPSS
Exploits2
OSV
OSV
added 2025/08/12 6:15 p.m.6 views

CVE-2025-53773

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.02559EPSS
Exploits2References3
NVD
NVD
added 2025/08/12 6:15 p.m.5 views

CVE-2025-53773

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally...

7.8CVSS0.02559EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/08/12 5:9 p.m.3 views

CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

...

7.8CVSS7.2AI score0.02559EPSS
Exploits2References1
CVE
CVE
added 2025/08/12 5:9 p.m.110 views

CVE-2025-53773

CVE-2025-53773 describes a command-injection-based remote code execution risk in GitHub Copilot and Visual Studio. The root cause is improper neutralization of elements in prompts/config that Copilot can read and act on, potentially allowing an attacker to cause Copilot to modify project configur...

7.8CVSS7.6AI score0.02559EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2025/08/12 5:9 p.m.13 views

CVE-2025-53773 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

...

7.8CVSS0.02559EPSS
Exploits2References1
Rows per page
Query Builder