CVE-2025-62453: Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.

medium5CVSS 3.1

AVLACLPRLUIRSUCNIHAN

Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.

Affected

3 ranges

Vendor	Product	Version range	Fixed in
microsoft	visual_studio_code	< 1.105.0	1.105.0
microsoft	visual_studio_code	>= 1.0.0 < 1.105.0	1.105.0
msrc	visual_studio_code	—	—