130 matches found
CVE-2026-21518
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-21257
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Visual Studio and .NET components. A malicious party could exploit the vulnerabilities to bypass security measures, grant themselves elevated privileges and potentially execute arbitrary code with the victim's privileges. For successful abuse, the...
CVE-2026-21523
Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...
CVE-2026-21523
Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...
CVE-2026-21518
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-21518
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2026-21257
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...
CVE-2026-21256
CVE-2026-21256 affects GitHub Copilot and Visual Studio. It is a command injection vulnerability described as improper neutralization of special elements in a command, enabling code execution over a network. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, no privileges, user interactio...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability
...
CVE-2026-21257
CVE-2026-21257 affects GitHub Copilot and Visual Studio. It involves improper neutralization of special elements used in a command (command injection), enabling an authorized attacker to elevate privileges over a network. Root cause: inadequate input handling in command construction. Impact per C...