CVE-2026-21257

Name of the Vulnerable Software and Affected Versions GitHub Copilot and Visual Studio (affected versions not specified)

Description The software contains a command injection issue due to improper neutralization of special elements used in commands. A successful exploit could allow an authorized attacker to elevate privileges over a network. The issue relates to a failure to sanitize data at the management level. Exploitation may allow a remote attacker to elevate their privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.