PT-2026-7359

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description The software contains a command injection issue due to improper neutralization of special elements used in commands. A successful exploit could allow an authorized...

PT-2026-7358

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio affected versions not specified Description A flaw exists in the code generation management of the software development tool. Successful exploitation could allow a remote attacker to execute arbitrary code. Thi...

PT-2026-7403

Name of the Vulnerable Software and Affected Versions GitHub Copilot VS Code extension versions prior to the February 2026 security fix Visual Studio Code versions affected versions not specified Description A command injection flaw exists in GitHub Copilot for Visual Studio Code, allowing...

CVE-2026-25931 vscode-spell-checker has a workspace-trust bypass Code Execution

vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings.determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value defaults to true package.json and is read from workspace...

Spelling Checker for Visual Studio Code 安全漏洞

Spelling Checker for Visual Studio Code is a simple source code spell checker developed by Street Side Software. Versions of Spelling Checker for Visual Studio Code prior to v4.5.4 contained a security vulnerability. This vulnerability stemmed from improper handling of trust flags, which could...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component was using python,nginx and packages which were vulnerable to CVE-2025-4435, CVE-2025-23419, CVE-2025-4330, CVE-2025-4138, CVE-2025-47273

Summary IBM Maximo Application Suite - Visual Inspection component was using python,nginx and packages which were vulnerable to CVE-2025-4435, CVE-2025-23419, CVE-2025-4330, CVE-2025-4138, CVE-2025-47273. This bulletin contains information regarding the vulnerability and its remediation...

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses urllib3 which is vulnerable to CVE-2025-66418 and CVE-2025-66471

Summary IBM Maximo Application Suite - Visual Inspection component uses urllib3 which is vulnerable to CVE-2025-66418 and CVE-2025-66471. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a...

CVE-2026-25019

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.3.1...

CVE-2026-24984

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2025-61656

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files src/ce/ve.Ce.ClipboardHandler.Js. This issue affects VisualEditor: from before 1.39.14, 1.43.4, 1.44.1...

CVE-2026-25019

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.3.1...

CVE-2026-24984

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2026-25019 WordPress Atarim plugin <= 4.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.3.1...

CVE-2026-25019 WordPress Atarim plugin <= 4.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through = 4.3.1...

CVE-2026-24984

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2026-24984 WordPress Visual Link Preview plugin <= 2.2.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2026-24984 WordPress Visual Link Preview plugin <= 2.2.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

EUVD-2026-5247

Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through = 2.2.9...

CVE-2026-24984

CVE-2026-24984 affects the WordPress Visual Link Preview plugin up to and including version 2.2.9, describing a Missing/Incorrectly Configured Authorization vulnerability that allows access control bypass. The issue, documented in multiple sources, indicates a Broken Access Control risk with CVSS...

CVE-2025-61655

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation VisualEditor. This vulnerability is associated with program files includes/ApiVisualEditorEdit.Php, modules/ve-mw/init/targets/ve.Init.Mw.DesktopArticleTarget.Js,...