CVE 8.5 HIGH

GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor_CVE-2026-45033

May 13, 2026 invoker category_cve
8.5 / 10
HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent performs git operations. By exploiting git's automatic bare repository discovery during directory traversal, an attacker can set core.fsmonitor or other executable config keys to run arbitrary commands without user awareness or approval. The vulnerability arises because git's core.fsmonitor config key (and 15+ similar keys such as core.hookspath, diff.external, merge.tool, etc.) can specify arbitrary shell commands that git will execute as part of normal operations like status, diff, or rev-parse. This vulnerability is fixed in 1.0.43.

AI Analysis

Arbitrary code execution via core.fsmonitor in GitHub Copilot CLI

Basic Information

ID CVE-2026-45033
Source GitHub_M
Published May 13, 2026 at 15:45

Affected Product

Vendor github
Product copilot-cli
Version < 1.0.43
Affected Versions github copilot-cli < 1.0.43

CWE Classification

CWE-696

AI Assessment

AI Score 8.5 / 10
AI Severity High
Vendor GitHub
Product GitHub Copilot CLI
Version < 1.0.43

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.