PT-2026-23732 · GitHub · GitHub Copilot CLI

Published

2026-03-06

·

Updated

2026-03-16

·

CVE-2026-29783

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

GitHub Copilot CLI versions prior to 0.0.423

Description

The shell tool within GitHub Copilot CLI is susceptible to arbitrary code execution through crafted bash parameter expansion patterns. Before a command is run, a safety assessment classifies it, and commands judged read-only are treated as safe; that assessment does not account for bash parameter transformation operators that execute code while the command line is being expanded. An attacker who can influence the commands the agent executes, via prompt injection through repository files, MCP server responses, or user instructions, can therefore hide a command inside an expansion so that a line which looks like a harmless read (an echo of a variable, for example) runs arbitrary code. The dangerous patterns are ${var@P}, which expands the variable's value as a prompt string and so performs command substitution on a value containing $(cmd); ${var=value} and ${var:=value}, which expand value (including any $(cmd) it contains) before assigning it to var; ${!var}, which reads the variable whose name is stored in var, so the variable actually read never appears in the command text; and nested $(cmd) or <(cmd) inside any ${...} expansion, which runs cmd regardless of the outer operator. Exploitation could lead to data exfiltration, file modification, or system compromise.

Recommendations

Update GitHub Copilot CLI to version 0.0.423 or later.
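The script below is an added example and is not code from the advisory or from GitHub Copilot CLI; it makes no claim about how the CLI's own classifier works. It runs each of the listed expansion patterns in a fresh bash to show that a command line consisting only of an echo executes a hidden $(printf ...) (standing in for an attacker's command), and then applies a constructed pattern check of the kind a read-only classifier would need before trusting such a line. The function names, the SECRET and hidden values, and the rule set are assumptions made for illustration; the script assumes bash 4.4 or later is installed, which ${var@P} requires.

```shell
#!/bin/sh
# Added example for this advisory; not GitHub Copilot CLI code.
# Assumes bash >= 4.4 is installed (needed for ${var@P}). Each demonstration
# is run in a fresh bash so that this file itself stays POSIX sh.

run_in_bash() {
    bash -c "$1" 2>/dev/null
}

# ${var@P}: the "prompt" transformation expands the value as if it were PS1,
# which (with the default promptvars option) performs command substitution,
# so the $(...) stored in x runs although the command line is only an echo.
hidden_via_at_P() {
    run_in_bash 'x="\$(printf SECRET)"; echo "${x@P}"'
}

# ${var:=word}: assignment expansion. word is expanded before it is stored,
# so a $(...) inside it executes; ${var=word} behaves the same way.
hidden_via_assignment() {
    run_in_bash 'unset _unset_var; echo "${_unset_var:=$(printf SECRET)}"'
}

# ${!var}: indirect expansion. The variable actually read (SECRET_VAR) never
# appears in the command text, only the variable that holds its name.
hidden_via_indirection() {
    run_in_bash 'SECRET_VAR=hidden; n=SECRET_VAR; echo "${!n}"'
}

# Nested $(...) inside an otherwise harmless ${var:-default}: the default
# word is expanded, so the substitution runs whatever the outer operator is.
hidden_via_nested_substitution() {
    run_in_bash 'unset _unset_var; echo "${_unset_var:-$(printf SECRET)}"'
}

# Conservative pre-check for a "read-only" classifier (constructed rule set,
# not the CLI's): any of the advisory's patterns in the raw command text marks
# it unsafe. Prints "safe" or "unsafe: <reason>". False positives are accepted;
# a false negative here means arbitrary code execution.
classify_shell_command() {
    cmd=$1
    if printf '%s' "$cmd" | grep -Eq '\$[{][^}]*@P'; then
        echo 'unsafe: ${var@P} prompt expansion'
    elif printf '%s' "$cmd" | grep -Eq '\$[{]!'; then
        echo 'unsafe: ${!var} indirect expansion'
    elif printf '%s' "$cmd" | grep -Eq '\$[{][A-Za-z_][A-Za-z0-9_]*:?='; then
        echo 'unsafe: ${var=...} / ${var:=...} assignment expansion'
    elif printf '%s' "$cmd" | grep -Eq '\$[{][^}]*(\$\(|<\()'; then
        echo 'unsafe: command or process substitution nested inside ${...}'
    else
        echo 'safe'
    fi
}

# Constructed sample command lines: the first is a genuine read-only command,
# the rest look read-only but carry one of the hidden-execution patterns.
for c in 'ls -la "${dir}"' 'echo "${x@P}"' 'echo "${!n}"' 'cat "${f:-<(id)}"'; do
    printf '%-22s -> %s\n' "$c" "$(classify_shell_command "$c")"
done
```

The check deliberately inspects the raw text rather than parsing it: a classifier that reasons about the command only after bash-style expansion has already happened is the failure mode the advisory describes, so the dangerous operators have to be rejected before any expansion takes place. A production implementation would parse the command into words with a real shell grammar and apply these rules per word, but the rejection criteria stay the same.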

Exploit

Fix

Weakness Enumeration

OS Command Injection

Related Identifiers

CVE-2026-29783
GHSA-G8R9-G2V8-JV6F

Affected Products

GitHub Copilot CLI