CVE-2026-41109
HIGH
NVD
CVSS Score
8.8
Severity
HIGH
Published
May 12, 2026
Vendor
unknown
Description
Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.