Skip to main content

Microsoft Visual Studio Code Copilot Chat Extension CVE-2026-23653

| EUVDEUVD-2026-22359 MEDIUM
Command Injection (CWE-77)
2026-04-14 microsoft GHSA-ghqv-73vw-x3j9
5.7
CVSS 3.1 · NVD
Temporal: 5.0
Share

Severity by source

NVD PRIMARY
5.7 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
5.0 MEDIUM
cvss

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
Apr 14, 2026 - 18:50 vuln.today
EUVD ID Assigned
Apr 14, 2026 - 17:46 euvd
EUVD-2026-22359
Analysis Generated
Apr 14, 2026 - 17:46 vuln.today
Patch released
Apr 14, 2026 - 17:46 nvd
Patch available
CVE Published
Apr 14, 2026 - 16:56 nvd
MEDIUM 5.7

DescriptionCVE.org

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an authorized attacker to disclose information over a network.

AnalysisAI

Command injection in GitHub Copilot Chat Extension for Visual Studio Code allows authenticated attackers with user interaction to disclose sensitive information over a network. The vulnerability affects CoPilot Chat Extension versions before 0.37.3 and requires an authorized user to interact with a crafted prompt or input. Microsoft has released a patched version (0.37.3) to remediate this CWE-77 command injection flaw.

Technical ContextAI

The vulnerability exists in the GitHub Copilot Chat Extension (CPE: cpe:2.3:a:microsoft:microsoft_visual_studio_code_copilot_chat_extension), a plugin for Visual Studio Code that enables AI-assisted code generation. CWE-77 represents improper neutralization of special elements in commands, meaning the extension fails to properly sanitize or escape user-supplied input before passing it to command execution contexts. This allows an attacker to inject arbitrary commands that the extension will interpret as part of the legitimate command structure, potentially leading to information disclosure through command output redirection or execution of unintended system commands.

RemediationAI

Vendor-released patch: Microsoft Visual Studio Code CoPilot Chat Extension version 0.37.3 or later. Users should upgrade immediately through the Visual Studio Code Extensions marketplace or via the built-in extension update mechanism. For organizations unable to immediately upgrade, restrict use of the CoPilot Chat Extension until patching is complete, or disable the extension pending update deployment. Refer to https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23653 for verification of patch installation.

Share

CVE-2026-23653 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy