Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.

Related CVEs

CVE-2025-53773

Key Information

GHSA ID

GHSA-3m2x-p87c-pwv6

Published

August 12, 2025 6:31 PM

Last Modified

August 13, 2025 3:30 AM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 23, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.