Vulnerabilities
Vulnerable Software
Microsoft:  >> Github Copilot  Security Vulnerabilities
GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to fetch_webpage. Therefore, exfiltration could occur if there is indirect prompt injection.
CVSS Score
7.5
EPSS Score
0.009
Published
2026-06-22
Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.008
Published
2026-02-10
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally.
CVSS Score
8.4
EPSS Score
0.003
Published
2025-12-09


Contact Us

Shodan ® - All rights reserved