CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Wolfi•added 2025/11/12 7:47 p.m.•3 views

GHSA-FW6M-H9WV-4759 vulnerabilities

Vulnerabilities for packages: binutils...

Chainguard•added 2025/11/12 7:17 p.m.•3 views

GHSA-GWQ6-FMVP-QP68 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

Chainguard•added 2025/11/12 7:17 p.m.•1 views

GHSA-6FHJ-VR9J-G45R vulnerabilities

Vulnerabilities for packages: dependency-track...

RedhatCVE•added 2025/11/11 11:42 p.m.•12 views

CVE-2025-11578

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an authenticated Enterprise admin to gain root SSH access to the appliance by exploiting a symlink escape in pre-receive hook environments. By crafting a malicious repository and environment, an attacker...

7.5CVSS7.3AI score0.00572EPSS

RedhatCVE•added 2025/11/11 11:42 p.m.•17 views

CVE-2025-11892

An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allows DOM-based cross-site scripting via Issues search label filter that could lead to privilege escalation and unauthorized workflow triggers. Successful exploitation requires an attacker to have...

9.6CVSS6.3AI score0.00551EPSS

OSV•added 2025/11/11 6:15 p.m.•5 views

CVE-2025-62453

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS6.8AI score0.00411EPSS

EUVD•added 2025/11/11 5:59 p.m.•5 views

EUVD-2025-93392

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS5.3AI score0.00411EPSS

Exploits0References2

Cvelist•added 2025/11/11 5:59 p.m.•7 views

CVE-2025-62453 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

...

5CVSS0.00411EPSS

CVE•added 2025/11/11 5:59 p.m.•28 views

CVE-2025-62453

CVE-2025-62453 affects GitHub Copilot and Visual Studio Code due to improper validation of generative AI output, enabling an authorized local attacker to bypass a security feature. Multiple sources corroborate a security feature bypass vulnerability in Visual Studio Code and Copilot Chat, with im...

5CVSS5.4AI score0.00411EPSS

Exploits0References1Affected Software1

Circl•added 2025/11/11 5:50 p.m.•3 views

GHSA-MGRM-G92Q-F8H8

creationtimestamp| type| source ---|---|--- 2025-11-11 17:50:55+00:00| seen| https://seclists.org/oss-sec/2025/q4/164...

5.8AI score

The Hacker News•added 2025/11/11 11:55 a.m.•9 views

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate "@actions/artifact" package with the intent to target GitHub-owned repositories. "We think the intent was to have this script execute during a build of a GitHub-owned...

HackRead•added 2025/11/11 11:45 a.m.•6 views

Fake NPM Package With 206K Downloads Targeted GitHub for Credentials (UPDATED)

Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation's code...

Microsoft CVE•added 2025/11/11 8:0 a.m.•25 views

GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally...

5CVSS5.5AI score0.00411EPSS

EUVD•added 2025/11/11 12:30 a.m.•5 views

EUVD-2025-50832

8.6CVSS5.8AI score0.00551EPSS

Exploits0References6

EUVD•added 2025/11/11 12:30 a.m.•5 views

EUVD-2025-50831

7.5CVSS6.8AI score0.00572EPSS

Exploits0References6

Kaspersky•added 2025/11/11 12:0 a.m.•7 views

KLA90062 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...

8.8CVSS7.2AI score0.00957EPSS

Exploits0References7

Positive Technologies•added 2025/11/11 12:0 a.m.•5 views

PT-2025-46517

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio Code affected versions not specified Description A security feature bypass can occur due to improper validation of generative AI output in GitHub Copilot and Visual Studio Code. An authorized attacker can explo...

5CVSS5.4AI score0.00411EPSS

Exploits0References7

CNNVD•added 2025/11/11 12:0 a.m.•3 views

Microsoft GitHub Copilot and Visual Studio Code 安全漏洞

Microsoft GitHub Copilot and Visual Studio Code is a combination of intelligent coding tools from Microsoft Corporation USA. A security vulnerability exists in Microsoft GitHub Copilot and Visual Studio Code. An attacker exploiting the vulnerability could bypass certain features...

5CVSS5.5AI score0.00411EPSS