CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Published February 13, 2026

Improper neutralization of special elements used in a command (‘command injection’) in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.

Privacy | General Terms & Conditions | Speed Test | Image Share | ASN

We use cookies to improve your experience. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Use.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability

Contact Info

Follow Us

Affiliations

More Info