CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/02/10 5:51 p.m.•28 views

CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

...

8CVSS0.00845EPSS

CVE•added 2026/02/10 5:51 p.m.•26 views

CVE-2026-21257

CVE-2026-21257 affects GitHub Copilot and Visual Studio. It involves improper neutralization of special elements used in a command (command injection), enabling an authorized attacker to elevate privileges over a network. Root cause: inadequate input handling in command construction. Impact per C...

8CVSS5.6AI score0.00845EPSS

ATTACKERKB•added 2026/02/10 5:51 p.m.•1 views

CVE-2026-21257

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...

8CVSS5.8AI score0.00845EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/02/10 5:51 p.m.•1 views

CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

...

8CVSS5.3AI score0.00845EPSS

Cvelist•added 2026/02/10 5:51 p.m.•21 views

CVE-2026-21516 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

...

8.8CVSS0.0081EPSS

ATTACKERKB•added 2026/02/10 5:51 p.m.•4 views

CVE-2026-21516

Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...

8.8CVSS5.8AI score0.0081EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/02/10 5:51 p.m.•2 views

CVE-2026-21516 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

...

8.8CVSS5.3AI score0.0081EPSS

CVE•added 2026/02/10 5:51 p.m.•20 views

CVE-2026-21516

Github Copilot contains CVE-2026-21516: improper neutralization of special elements used in a command (command injection) that allows a remote attacker to execute code over the network. CVSS v3.1 base score 8.8 (HIGH) with AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Root cause is command injection due ...

8.8CVSS5.8AI score0.0081EPSS

ATTACKERKB•added 2026/02/10 5:51 p.m.•4 views

CVE-2026-21523

Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...

8CVSS5.7AI score0.00792EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/02/10 5:51 p.m.•0 views

CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS5.2AI score0.00792EPSS

Cvelist•added 2026/02/10 5:51 p.m.•23 views

CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

...

8CVSS0.00792EPSS

CVE•added 2026/02/10 5:51 p.m.•43 views

CVE-2026-21523

CVE-2026-21523 is a time-of-check time-of-use (TOCTOU) race condition impacting GitHub Copilot and Visual Studio . An authorized attacker could execute code over a network. The issued CVSS 3.1 score is 8.0 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: Low , User I...

8CVSS5.7AI score0.00792EPSS

ATTACKERKB•added 2026/02/10 5:51 p.m.•4 views

CVE-2026-21518

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.6AI score0.01357EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/02/10 5:51 p.m.•0 views

CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

8.8CVSS5.2AI score0.01357EPSS

CVE•added 2026/02/10 5:51 p.m.•52 views

CVE-2026-21518

CVE-2026-21518 affects GitHub Copilot for Visual Studio Code and VS Code itself. Description: improper neutralization of special elements used in a command (command injection) allows a remote attacker to bypass a security feature over a network. Affected component/input is attacker-controlled net...

8.8CVSS5.6AI score0.01357EPSS

Microsoft CVE•added 2026/02/10 4:0 p.m.•7 views

GitHub Copilot and Visual Studio Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network...

8.8CVSS5.8AI score0.01101EPSS

Microsoft CVE•added 2026/02/10 4:0 p.m.•6 views

GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network...

8CVSS5.6AI score0.00845EPSS

Microsoft CVE•added 2026/02/10 4:0 p.m.•3 views

GitHub Copilot for Jetbrains Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command 'command injection' in Github Copilot allows an unauthorized attacker to execute code over a network...

8.8CVSS5.8AI score0.0081EPSS

Microsoft CVE•added 2026/02/10 4:0 p.m.•7 views

GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability

Time-of-check time-of-use toctou race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network...

8CVSS5.8AI score0.00792EPSS