Lucene search
K

145 matches found

CVE
CVE
added 2026/02/10 5:51 p.m.30 views

CVE-2026-21516

Github Copilot contains CVE-2026-21516: improper neutralization of special elements used in a command (command injection) that allows a remote attacker to execute code over the network. CVSS v3.1 base score 8.8 (HIGH) with AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Root cause is command injection due ...

8.8CVSS5.8AI score0.0081EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.27 views

CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS0.00792EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.5 views

CVE-2026-21523

Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...

8CVSS5.7AI score0.00792EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/02/10 5:51 p.m.0 views

CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS5.2AI score0.00792EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 5:51 p.m.69 views

CVE-2026-21523

CVE-2026-21523 is a time-of-check time-of-use (TOCTOU) race condition impacting GitHub Copilot and Visual Studio . An authorized attacker could execute code over a network. The issued CVSS 3.1 score is 8.0 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: Low , User I...

8CVSS5.7AI score0.00792EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/10 5:51 p.m.0 views

CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

8.8CVSS5.2AI score0.01357EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/10 5:51 p.m.4 views

CVE-2026-21518

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.6AI score0.01357EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2026/02/10 5:51 p.m.81 views

CVE-2026-21518

CVE-2026-21518 affects GitHub Copilot for Visual Studio Code and VS Code itself. Description: improper neutralization of special elements used in a command (command injection) allows a remote attacker to bypass a security feature over a network. Affected component/input is attacker-controlled net...

8.8CVSS5.6AI score0.01357EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.8 views

GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...

8.8CVSS5.8AI score0.01101EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.9 views

GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...

8CVSS5.6AI score0.00845EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.6 views

GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...

8.8CVSS5.8AI score0.0081EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.8 views

GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...

8CVSS5.8AI score0.00792EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/02/10 4:0 p.m.31 views

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.6AI score0.01357EPSS
Exploits0
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

Microsoft GitHub Copilot and Visual Studio Code 命令注入漏洞

Microsoft GitHub Copilot and Visual Studio Code are a set of intelligent coding tools developed by the American company Microsoft. There is a command injection vulnerability present in Microsoft GitHub Copilot and Visual Studio Code. Attackers can exploit this vulnerability to bypass certain...

8.8CVSS7.1AI score0.01357EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.4 views

PT-2026-7406

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Visual Studio Code affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists in GitHub Copilot and Visual Studio. This condition arises...

9CVSS6.1AI score0.00792EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.5 views

PT-2026-7358

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description A flaw exists in the code generation management of the software development tool. Successful exploitation could allow a remote attacker to execute arbitrary code. Thi...

10CVSS5.9AI score0.01101EPSS
Exploits0References6
Kaspersky
Kaspersky
added 2026/02/10 12:0 a.m.4 views

KLA90877 ACE vulnerability in Microsoft Copilot Plugin

A remote code execution vulnerability was found in Microsoft Copilot Studio. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2026-21516 Exploitation Related products GitHub-Copilot-Plugin CVE list CVE-2026-21516...

8.8CVSS6.5AI score0.0081EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

Microsoft GitHub Copilot and Visual Studio 安全漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are security vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to execute code remotely...

8CVSS6AI score0.00792EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

Microsoft GitHub Copilot and Visual Studio 代码注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There is a code injection vulnerability in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit this vulnerability to execute code remotely. The following products and...

8.8CVSS6AI score0.01101EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.13 views

PT-2026-7403

Name of the Vulnerable Software and Affected Versions GitHub Copilot VS Code extension versions prior to the February 2026 security fix Visual Studio Code versions affected versions not specified Description A command injection flaw exists in GitHub Copilot for Visual Studio Code, allowing...

8.8CVSS6.3AI score0.01357EPSS
Exploits0References8
Rows per page
Query Builder