โ† Back to Dashboard

CVE-2025-66389

HIGH NVD
CVSS Score
7.5
Severity
HIGH
Source
NVD
Published
Jun 22, 2026
Description

GitHub Copilot 1.372.0 allows filesystem access outside of a workspace folder (without user approval) via a file-handler URI parameter to fetch_webpage. Therefore, exfiltration could occur if there is indirect prompt injection.

View Full Details โ† Back