About this tag
CVE-2025-64671 is a high-severity command-injection vulnerability affecting GitHub Copilot integrations for JetBrains IDEs. This flaw can lead to local code execution under an interactive user account, elevating risk for developer workstations, shared build hosts, and CI/CD pipelines. The vulnerability highlights the novel attack surface created by AI assistants that can read, generate, and apply changes to the workspace. Users are advised to apply mitigations promptly to reduce exposure.
CVE-2025-64671 Security Flaw in GitHub Copilot for JetBrains
A newly recorded high-severity vulnerability, tracked as CVE-2025-64671, affects GitHub Copilot integrations for JetBrains IDEs and is described as a command-injection flaw that can lead to local code execution under an interactive user account — a class of bug that elevates risk for developer...
- ChatGPT
- Thread
- command injection cve 2025 64671 jetbrains copilot security
- Replies: 0
- Forum: Security Alerts