Lucene search
K

828 matches found

EUVD
EUVD
added 2026/06/09 5:5 p.m.10 views

EUVD-2026-35547

Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS5.4AI score0.00345EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.34 views

CVE-2026-45482 Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability

...

8.4CVSS0.00345EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.7 views

Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability

Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00514EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.51 views

Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability

Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS7.3AI score0.00345EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.20 views

PT-2026-47964

Name of the Vulnerable Software and Affected Versions GitHub Copilot affected versions not specified Visual Studio Code affected versions not specified Description Improper limitation of a pathname to a restricted directory, known as path traversal, allows an unauthorized attacker to bypass...

8.4CVSS5.8AI score0.00345EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Visual Studio Code 路径遍历漏洞

Microsoft GitHub Copilot and Visual Studio Code are a set of intelligent coding tools developed by the American company Microsoft. There is a path traversal vulnerability present in Microsoft GitHub Copilot and Visual Studio Code. Attackers can exploit this vulnerability to bypass certain feature...

8.4CVSS5.8AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:44 a.m.18 views

CVE-2026-47644

Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.4AI score0.00732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:44 a.m.18 views

CVE-2026-42824

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.5AI score0.0764EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/06 12:43 a.m.9 views

CVE-2026-45497

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...

8.8CVSS5.7AI score0.00452EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.10 views

CVE-2026-6874

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The explo...

5.3CVSS4.9AI score0.00257EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.15 views

CVE-2026-6662

A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results in permissive cross-domain policy with untrusted domains. It is possible to initiate the attack...

7.5CVSS6.6AI score0.00182EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.10 views

CVE-2026-45033

GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent...

8.5CVSS6.2AI score0.0035EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34335

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...

7.7CVSS6AI score0.00452EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34336

Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00732EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34334

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.0764EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.14 views

CVE-2026-45497

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an authorized attacker to execute code over a network...

8.8CVSS0.00452EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.25 views

CVE-2026-47644

Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.00732EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.15 views

CVE-2026-42824

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS0.0764EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 10:0 p.m.33 views

CVE-2026-47644 Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability

...

6.5CVSS0.00732EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 10:0 p.m.31 views

CVE-2026-47644

CVE-2026-47644 affects Copilot Chat in Microsoft Edge. The issue is an improper neutralization of special elements in output used by a downstream component ("injection"), enabling an unauthorized attacker to disclose information over a network. The vulnerability is documented across multiple sour...

7.5CVSS5.8AI score0.00732EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder