Microsoft Github_copilot
3 CVEs affecting Microsoft Github_copilot. Latest disclosed: 2026-06-22. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21516 | High | 8.8 | 2026-02-10 | Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a ne… |
CVE-2025-64671 | High | 8.4 | 2025-12-09 | Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally. |
CVE-2025-66389 | High | 7.5 | 2026-06-22 | GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to fetch_webpage. Theref… |