GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper neutralization of special elements used in a command 'command injection' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

GHSA-VC2W-4V3P-2MQW vulnerabilities

Vulnerabilities for packages: solr...

GHSA-8GRV-JQ2G-CFHW

creationtimestamp| type| source ---|---|--- 2026-02-10 05:10:05+00:00| seen| https://gist.github.com/alon710/041178d8a553aa39851ef0441a5d85f3...

GHSA-C869-JX4C-Q5FC

creationtimestamp| type| source ---|---|--- 2026-02-10 02:40:05+00:00| seen| https://gist.github.com/alon710/fb457bfeef78c9056a7ced2406cd4503...

GHSA-V226-32C7-X2V7

creationtimestamp| type| source ---|---|--- 2026-02-10 01:10:06+00:00| seen| https://gist.github.com/alon710/b5fe90df3763874f070b682a26b7b53b...

GHSA-M5R2-8P9X-HP5M

creationtimestamp| type| source ---|---|--- 2026-02-10 00:10:05+00:00| seen| https://gist.github.com/alon710/3866d76e7708105d7c825d24473e3e94...

KLA90877 ACE vulnerability in Microsoft Copilot Plugin

A remote code execution vulnerability was found in Microsoft Copilot Studio. Malicious users can exploit this vulnerability to execute arbitrary code, bypass security restrictions. Original advisories CVE-2026-21516 Exploitation Related products GitHub-Copilot-Plugin CVE list CVE-2026-21516...

Microsoft GitHub Copilot and Visual Studio 命令注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are command injection vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to gain higher privileges. The following products...

Microsoft GitHub Copilot and Visual Studio 代码注入漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There is a code injection vulnerability in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit this vulnerability to execute code remotely. The following products and...

Microsoft GitHub Copilot and Visual Studio Code 命令注入漏洞

Microsoft GitHub Copilot and Visual Studio Code are a set of intelligent coding tools developed by the American company Microsoft. There is a command injection vulnerability present in Microsoft GitHub Copilot and Visual Studio Code. Attackers can exploit this vulnerability to bypass certain...

Microsoft GitHub Copilot and Visual Studio 安全漏洞

Microsoft GitHub Copilot and Visual Studio are generative AI tools developed by the American company Microsoft. There are security vulnerabilities in Microsoft GitHub Copilot and Visual Studio. Attackers can exploit these vulnerabilities to execute code remotely...

PT-2026-7406

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Visual Studio Code affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists in GitHub Copilot and Visual Studio. This condition arises...

PT-2026-7401

Name of the Vulnerable Software and Affected Versions Github Copilot affected versions not specified Description A command injection issue exists in Github Copilot. This allows a remote, unauthorized attacker to execute code over a network. The issue is related to a failure to sanitize data at th...

PT-2026-7359

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description The software contains a command injection issue due to improper neutralization of special elements used in commands. A successful exploit could allow an authorized...

PT-2026-7358

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description A flaw exists in the code generation management of the software development tool. Successful exploitation could allow a remote attacker to execute arbitrary code. Thi...

PT-2026-7403

Name of the Vulnerable Software and Affected Versions GitHub Copilot VS Code extension versions prior to the February 2026 security fix Visual Studio Code versions affected versions not specified Description A command injection flaw exists in GitHub Copilot for Visual Studio Code, allowing...

CVE-2026-25761

Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull...

CVE-2026-25761

The CVE describes a command injection in the Super-linter GitHub Action affecting versions 6.0.0–8.3.0, where file discovery can execute shell command substitution embedded in filenames, enabling arbitrary command execution in the workflow runner and potential disclosure of the job’s GITHUB_TOKEN...

CVE-2026-25761 Command injection via crafted filenames in Super-linter Action

Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull...

CVE-2026-25761 Command injection via crafted filenames in Super-linter Action

Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull...