VYPR

Copilot

by Microsoft

CVEs (5)

  • CVE-2026-41090CriMay 22, 2026
    risk 0.60cvss 9.3epss 0.00

    Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-45497HigJun 4, 2026
    risk 0.50cvss 7.7epss 0.00

    Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.

  • CVE-2026-26136MedMar 19, 2026
    risk 0.42cvss 6.5epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-42895Jun 19, 2026
    risk 0.00cvss epss 0.00

    Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-21518Feb 10, 2026
    risk 0.00cvss epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.