Severity by source
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.
AnalysisAI
Command injection in GitHub Copilot Chat Extension for Visual Studio Code allows authenticated attackers with user interaction to disclose sensitive information over a network. The vulnerability affects CoPilot Chat Extension versions before 0.37.3 and requires an authorized user to interact with a crafted prompt or input. Microsoft has released a patched version (0.37.3) to remediate this CWE-77 command injection flaw.
Technical ContextAI
The vulnerability exists in the GitHub Copilot Chat Extension (CPE: cpe:2.3:a:microsoft:microsoft_visual_studio_code_copilot_chat_extension), a plugin for Visual Studio Code that enables AI-assisted code generation. CWE-77 represents improper neutralization of special elements in commands, meaning the extension fails to properly sanitize or escape user-supplied input before passing it to command execution contexts. This allows an attacker to inject arbitrary commands that the extension will interpret as part of the legitimate command structure, potentially leading to information disclosure through command output redirection or execution of unintended system commands.
RemediationAI
Vendor-released patch: Microsoft Visual Studio Code CoPilot Chat Extension version 0.37.3 or later. Users should upgrade immediately through the Visual Studio Code Extensions marketplace or via the built-in extension update mechanism. For organizations unable to immediately upgrade, restrict use of the CoPilot Chat Extension until patching is complete, or disable the extension pending update deployment. Refer to https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23653 for verification of patch installation.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-22359
GHSA-ghqv-73vw-x3j9