VYPR

npm package

@github/copilot

pkg:npm/%40github/copilot

Vulnerabilities (2)

  • CVE-2026-45033HigMay 13, 2026
    affected < 1.0.43fixed 1.0.43

    GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution

  • CVE-2026-29783HigMar 6, 2026
    affected < 0.0.423fixed 0.0.423

    The shell tool within GitHub Copilot CLI versions prior to and including 0.0.422 can allow arbitrary code execution through crafted bash parameter expansion patterns. An attacker who can influence the commands executed by the agent (e.g., via prompt injection through repository f