29580 matches found
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2016-1182
creationtimestamp| type| source ---|---|--- 2026-02-11 12:49:28+00:00| seen| https://gist.github.com/kitherill/35c9211065676c6c258f3a3f1d76a26d...
CVE-2026-25761
Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull...
GHSA-FFRW-9MX8-89P8 vulnerabilities
Vulnerabilities for packages: langfuse...
GHSA-37CX-329C-33X3 vulnerabilities
Vulnerabilities for packages: goreleaser, nuclei, kyverno, osv-scanner, flux, gitaly, grafana-alloy, kubescape, flux-image-automation-controller, gitea, guac, zarf, apko, gitsign, scorecard, k9s, trufflehog, kubevela, trivy-operator, steampipe, syft, trivy, teleport, skaffold, zot, nfpm, gptscrip...
GHSA-3VQJ-43W4-2Q58 vulnerabilities
Vulnerabilities for packages: hadoop-fips...
Vulnerabilities fixed in Microsoft Developer Tools
Microsoft has fixed vulnerabilities in several Visual Studio and .NET components. A malicious party could exploit the vulnerabilities to bypass security measures, grant themselves elevated privileges and potentially execute arbitrary code with the victim's privileges. For successful abuse, the...
CVE-2026-21523
Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...
CVE-2026-21518
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-21518
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-21523
Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21516
Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2026-21257
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability
...
CVE-2026-21256
CVE-2026-21256 affects GitHub Copilot and Visual Studio. It is a command injection vulnerability described as improper neutralization of special elements in a command, enabling code execution over a network. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, no privileges, user interactio...
CVE-2026-21256
Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...