High
CVSS 7.8
Overview
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2025-53773
Improper neutralization of special elements used in a command ('command injectio...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.8 (HIGH)
- Detected tags: command_injection, unauth_access (tag impact: HIGH)
Recommended actions:
- Enforce authentication/authorization; reduce default endpoint exposure.