CVE-2026-45033: CWE-696: Incorrect Behavior Order in github copilot-cli
A vulnerability in GitHub Copilot CLI versions prior to 1.0.43 allows a malicious bare git repository nested inside a project directory to achieve arbitrary code execution. This occurs because git's automatic bare repository discovery can be exploited to set executable config keys such as core.fsmonitor, which git executes during normal operations. The issue is fixed in version 1.0.43.
AI Analysis
Technical Summary
GitHub Copilot CLI before version 1.0.43 contains a security vulnerability (CVE-2026-45033) where a malicious bare git repository nested within a project directory can cause arbitrary code execution. This is due to git's automatic bare repository discovery during directory traversal, which allows an attacker to set executable configuration keys like core.fsmonitor and others (e.g., core.hookspath, diff.external, merge.tool). These keys specify shell commands that git executes during normal operations such as status, diff, or rev-parse. Exploiting this behavior enables running arbitrary commands without user awareness or approval. The vulnerability is addressed in Copilot CLI version 1.0.43.
Potential Impact
An attacker who can place a malicious bare git repository inside a project directory can execute arbitrary code with the privileges of the user running GitHub Copilot CLI. This can lead to unauthorized command execution without user interaction or approval, potentially compromising the affected system. The CVSS 4.0 score is 8.5 (high severity), reflecting the significant risk of local privilege misuse and code execution.
Mitigation Recommendations
Upgrade GitHub Copilot CLI to version 1.0.43 or later, where this vulnerability is fixed. Since the vulnerability is resolved in this version, no additional mitigation steps are required.
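As an added defender-side example, not part of this advisory or of Copilot CLI: a Python check that walks a project tree, finds bare git repositories nested below the root (the directory signature git's discovery accepts: a HEAD file plus objects/ and refs/), and reports any whose config sets one of the four command-executing keys named above. The directory-signature heuristic, the minimal config parser and the constructed sample tree with PLACEHOLDER command paths are this example's own assumptions.

```python
import os
import re
import tempfile
from pathlib import Path

EXEC_KEYS = {"core.fsmonitor", "core.hookspath", "diff.external", "merge.tool"}  # named in the advisory

def parse_git_config(text):
    """Minimal parser for git's INI-style config -> {'section.key': value}; keys lower-cased."""
    entries, section = {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in "#;":
            continue
        if header := re.match(r'\[(\S+?)(?:\s+"([^"]*)")?\]$', line):
            section = header.group(1).lower() + (f".{header.group(2)}" if header.group(2) else "")
        elif section and "=" in line:
            key, _, value = line.partition("=")
            entries[f"{section}.{key.strip().lower()}"] = value.strip()
    return entries

def looks_like_git_dir(path):
    """HEAD plus objects/ and refs/ is the signature git's discovery accepts as a (bare) repository."""
    return os.path.isfile(os.path.join(path, "HEAD")) and all(
        os.path.isdir(os.path.join(path, d)) for d in ("objects", "refs"))

def find_risky_bare_repos(root):
    """Return [(path relative to root, sorted exec keys)] for bare repos nested below root."""
    findings = []
    for dirpath, dirnames, _ in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]  # ordinary .git dirs are expected
        cfg_file = os.path.join(dirpath, "config")
        if dirpath == root or not looks_like_git_dir(dirpath) or not os.path.isfile(cfg_file):
            continue
        with open(cfg_file, encoding="utf-8", errors="replace") as fh:
            hits = sorted(k for k in parse_git_config(fh.read()) if k in EXEC_KEYS)
        if hits:
            findings.append((os.path.relpath(dirpath, root).replace(os.sep, "/"), hits))
    return findings

def demo():
    """Scan a constructed sample tree; PLACEHOLDER paths stand in for real commands."""
    with tempfile.TemporaryDirectory() as base:
        bare = Path(base, "vendor", "lib.git")
        for sub in ("objects", "refs"):
            (bare / sub).mkdir(parents=True)
        (bare / "HEAD").write_text("ref: refs/heads/main\n")
        (bare / "config").write_text("[core]\n\tbare = true\n\tfsmonitor = /PLACEHOLDER/hook\n"
                                     "[diff]\n\texternal = /PLACEHOLDER/differ\n")
        return find_risky_bare_repos(base)
```

Run `find_risky_bare_repos` against a checkout before pointing an agentic tool at it; `demo()` shows the expected output shape on the constructed tree.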
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-05-08T16:58:28.897Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a04a50ccbff5d8610e804c0
Added to database: 5/13/2026, 4:21:32 PM
Last enriched: 5/13/2026, 4:36:19 PM
Last updated: 5/13/2026, 5:27:15 PM