CVE Catalog
CVE-2026-45482
HighCVSS 8.4Exploitation Probability (EPSS)
Low risk0.35%
27th percentile - higher than 27% of all known CVEs
Summary
A path traversal vulnerability in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
Risk Assessment
An attacker with local access could read files outside the restricted directory, potentially leading to sensitive data disclosure or privilege escalation.
Recommendation
Immediately update GitHub Copilot and Visual Studio Code to the latest patched versions.
Original NVD description (English source)
Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

