CVE-2025-64671

CVSS v3.1

8.4

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2025-64671

Affected Products

Github Copilot Plugin For Jetbrains Ides

CVE-2025-64671

Weakness Enumeration

Related Identifiers

Affected Products

References · 5