Vulnerability Details CVE-2026-21518
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.5%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2026-21518
-
cpe:2.3:a:microsoft:visual_studio_code:1.100.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.100.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.100.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.100.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.101.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.101.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.101.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.102.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.102.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.103.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.103.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.103.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.104.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.104.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.104.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.104.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.105.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.105.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.56.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.57.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.58.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.63.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.63.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.80.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.80.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.80.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.81.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.81.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.82.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.82.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.82.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.82.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.83.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.83.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.84.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.84.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.84.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.85.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.85.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.85.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.86.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.86.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.86.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.87.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.87.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.87.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.88.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.88.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.89.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.89.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.90.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.90.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.90.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.91.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.91.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.92.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.92.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.92.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.93.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.93.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.94.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.94.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.94.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.95.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.95.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.95.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.95.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.96.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.96.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.96.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.96.3
-
cpe:2.3:a:microsoft:visual_studio_code:1.96.4
-
cpe:2.3:a:microsoft:visual_studio_code:1.97.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.97.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.97.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.98.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.98.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.98.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.99.0
-
cpe:2.3:a:microsoft:visual_studio_code:1.99.1
-
cpe:2.3:a:microsoft:visual_studio_code:1.99.2
-
cpe:2.3:a:microsoft:visual_studio_code:1.99.3