PT-2026-7403 · GitHub · GitHub Copilot

Suryakant Dhakane · Published 2026-02-10 · Updated 2026-04-03 · CVE-2026-21518

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
GitHub Copilot VS Code extension: versions prior to the February 2026 security fix
Visual Studio Code: affected versions not specified
Description
A command injection flaw in GitHub Copilot for Visual Studio Code allows unauthenticated attackers to execute system commands through crafted network payloads, bypassing a security feature over a network. Attackers can run arbitrary system commands, steal API keys and cloud credentials, access proprietary source code, implant malicious commits, and compromise CI/CD pipelines. The root cause is improper neutralization of attacker-controlled network input before it is executed in the VS Code extension host. The impact covers developer workstation compromise, source code theft, supply chain poisoning, and enterprise lateral movement. The affected API endpoints are not explicitly identified; the vulnerable input is the attacker-controlled network input carried in those payloads.
Recommendations
Update the GitHub Copilot extension immediately.
Temporarily disable Copilot.
Restrict network access to VS Code instances.
Enforce VPN-only developer access.
Implement IP allowlisting.
Hunt for VS Code spawning shell processes.
Monitor child processes of Code.exe.
Review EDR logs for command injection indicators.
Inspect recent source code commits for backdoors.
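The process-spawn hunt from the recommendations above, as an added example that is not part of this advisory: it scans Sysmon-style process-creation records (constructed sample rows, not real telemetry) for shell interpreters whose direct parent is the VS Code executable. The executable names in VSCODE_IMAGES and SHELL_IMAGES are assumptions to adjust for the builds present in your fleet.

```python
import ntpath

# Constructed Sysmon Event ID 1 style records for the example; not telemetry
# from any real host. Only the fields the hunt needs are included.
SAMPLE_EVENTS = [
    {"UtcTime": "2026-02-11 09:14:02", "User": "CORP\\dev1",
     "ParentImage": r"C:\Users\dev1\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoLogo"},
    {"UtcTime": "2026-02-11 09:14:05", "User": "CORP\\dev1",
     "ParentImage": r"C:\Users\dev1\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c echo build"},
    {"UtcTime": "2026-02-11 09:15:10", "User": "CORP\\dev1",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Users\dev1\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "CommandLine": "Code.exe"},
    {"UtcTime": "2026-02-11 09:16:00", "User": "CORP\\dev1",
     "ParentImage": r"C:\Users\dev1\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "Image": r"C:\Program Files\Git\cmd\git.exe",
     "CommandLine": "git.exe status"},
    {"UtcTime": "2026-02-11 09:17:30", "User": "dev2",
     "ParentImage": "/usr/share/code/code",
     "Image": "/bin/bash",
     "CommandLine": "bash -c ls"},
]

# Assumed executable names: the VS Code process on Windows and Linux, and the
# shell interpreters worth flagging as its children.
VSCODE_IMAGES = {"code.exe", "code"}
SHELL_IMAGES = {"cmd.exe", "powershell.exe", "pwsh.exe", "bash.exe", "bash", "sh", "zsh"}

def basename(path: str) -> str:
    """Lower-cased file name; ntpath splits on both '\\' and '/' on any OS."""
    return ntpath.basename(path).lower()

def is_vscode_shell_spawn(event: dict) -> bool:
    """True when a VS Code process is the direct parent of a shell interpreter."""
    return (basename(event["ParentImage"]) in VSCODE_IMAGES
            and basename(event["Image"]) in SHELL_IMAGES)

def find_vscode_shell_spawns(events):
    """Return the matching events oldest first; these are triage leads, since the
    integrated terminal also spawns shells, so review CommandLine and timing."""
    return sorted((e for e in events if is_vscode_shell_spawn(e)),
                  key=lambda e: e["UtcTime"])

if __name__ == "__main__":
    for hit in find_vscode_shell_spawns(SAMPLE_EVENTS):
        print(hit["UtcTime"], hit["User"], basename(hit["Image"]), hit["CommandLine"])
```

Feed it the exported process-creation events from your EDR or Sysmon pipeline in the same field names; a baseline of each developer's normal integrated-terminal use is what separates expected hits from ones worth escalating.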

Tags: Fix · RCE · Command Injection

Weakness Enumeration

Related Identifiers

BDU:2026-01785
CVE-2026-21518
ZDI-26-253

Affected Products

GitHub Copilot
Visual Studio Code