Copilot
by GitHub
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-64660 | Hig | 0.52 | 8.0 | 0.00 | Nov 20, 2025 | Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network. | ||
| CVE-2025-53773 | Hig | 0.51 | 7.8 | 0.03 | Aug 12, 2025 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-62453 | Med | 0.33 | 5.0 | 0.00 | Nov 11, 2025 | Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally. |
- risk 0.52cvss 8.0epss 0.00
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network.
- risk 0.51cvss 7.8epss 0.03
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
- risk 0.33cvss 5.0epss 0.00
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.