Alexander Tan

**Name of the Vulnerable Software and Affected Versions** Microsoft Azure Active Directory B2C (affected versions not specified) **Description** An authentication bypass exists via an alternate path or channel, which allows an unauthorized attacker to elevate privileges over a network. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GitHub Copilot and Visual Studio (affected versions not specified) Visual Studio Code (affected versions not specified) **Description** A time-of-check time-of-use (TOCTOU) race condition exists in GitHub Copilot and Visual Studio. This condition arises from synchronization errors when using a shared resource, specifically a race condition. Successful exploitation could allow a remote attacker to execute code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.