{"data":{"id":"1294ac64-a5e6-4a19-9af2-fc3b4c7fbccb","title":"CVE-2026-50510: Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute","summary":"CVE-2026-50510 is a vulnerability in GitHub Copilot where improper file naming restrictions allow an unauthorized attacker to execute code on a user's local machine. The vulnerability is classified as CWE-641 (improper restriction of names for files and other resources), and details are being tracked by Microsoft and NIST.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-50510","publishedAt":"2026-07-14T18:17:58.233Z","cveId":"CVE-2026-50510","cweIds":["CWE-641"],"cvssScore":"7.8","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["GitHub Copilot","Microsoft"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"local","attackComplexity":"low","privilegesRequired":"none","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-07-14T18:17:58.233Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}