CVE-2025-64671

CVE-2025-64671 is a remote code execution vulnerability in the GitHub Copilot for JetBrains plugin caused by improper neutralization of command elements (command injection). The Nessus/NVL documentation indicates the issue affects versions prior to 1.5.60; upgrading to 1.5.60 or later is the reme...

CVE-2026-21516

Github Copilot contains CVE-2026-21516: improper neutralization of special elements used in a command (command injection) that allows a remote attacker to execute code over the network. CVSS v3.1 base score 8.8 (HIGH) with AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Root cause is command injection due ...