{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/copilot-cli--1.0.42/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Copilot CLI (\u003c= 1.0.42)"],"_cs_severities":["high"],"_cs_tags":["git","rce","github","code execution"],"_cs_type":"advisory","_cs_vendors":["GitHub"],"content_html":"\u003cp\u003eA security vulnerability exists in GitHub Copilot CLI versions prior to 1.0.43 that allows for arbitrary code execution. The vulnerability stems from how Git handles bare repositories nested within a project directory. An attacker can create a malicious bare Git repository with a specially crafted configuration. When GitHub Copilot CLI performs Git operations, it may inadvertently discover and read the configuration of the malicious bare repository, leading to the execution of arbitrary commands defined within settings like \u003ccode\u003ecore.fsmonitor\u003c/code\u003e. This poses a significant risk, as the execution occurs without user consent or awareness. This vulnerability was addressed in version 1.0.43 by setting \u003ccode\u003esafe.bareRepository=explicit\u003c/code\u003e through environment variables.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a malicious bare Git repository.\u003c/li\u003e\n\u003cli\u003eThe attacker nests the malicious repository within a project directory (e.g., \u003ccode\u003evendor/malicious.git/\u003c/code\u003e).\u003c/li\u003e\n\u003cli\u003eThe attacker configures the \u003ccode\u003ecore.fsmonitor\u003c/code\u003e setting within the malicious bare repository to execute arbitrary commands. Other settings like \u003ccode\u003ecore.hookspath\u003c/code\u003e, \u003ccode\u003ediff.external\u003c/code\u003e, and \u003ccode\u003emerge.tool\u003c/code\u003e could also be targeted.\u003c/li\u003e\n\u003cli\u003eA user clones or otherwise acquires the project containing the malicious repository. This could occur through a pull request, dependency, or other means.\u003c/li\u003e\n\u003cli\u003eGitHub Copilot CLI performs a Git operation (e.g., \u003ccode\u003egit status\u003c/code\u003e, \u003ccode\u003egit diff\u003c/code\u003e, \u003ccode\u003egit rev-parse\u003c/code\u003e) that traverses into or through the directory containing the malicious bare repository.\u003c/li\u003e\n\u003cli\u003eGit automatically discovers the bare repository during directory traversal.\u003c/li\u003e\n\u003cli\u003eGit reads the configuration of the discovered bare repository, including the attacker-controlled \u003ccode\u003ecore.fsmonitor\u003c/code\u003e setting.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s arbitrary command is executed on the user\u0026rsquo;s system, leading to potential data exfiltration, credential theft, file modification, or further system compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows an attacker to achieve arbitrary code execution on a user\u0026rsquo;s workstation whenever GitHub Copilot CLI performs Git operations near the malicious directory. This could lead to data exfiltration, credential theft, file modification, or further system compromise. The vulnerable versions of GitHub Copilot CLI are those prior to 1.0.43. The vulnerability highlights the danger of trusting implicitly-configured Git repositories within a project.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade GitHub Copilot CLI to version 1.0.43 or later to incorporate the fix for CVE-2026-45033.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Suspicious Git Configuration Modification\u0026rdquo; to monitor for unauthorized changes to Git configuration settings.\u003c/li\u003e\n\u003cli\u003eEnable process creation logging to detect execution from unusual git configuration locations, as detected by the rule \u0026ldquo;Detect Git Command Execution from Unusual Locations\u0026rdquo;.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-11T16:17:45Z","date_published":"2026-05-11T16:17:45Z","id":"https://feed.craftedsignal.io/briefs/2026-05-github-copilot-cli-rce/","summary":"GitHub Copilot CLI versions prior to 1.0.43 are vulnerable to arbitrary code execution via a malicious bare git repository nested within a project directory, exploiting git's automatic bare repository discovery and the `core.fsmonitor` configuration setting.","title":"GitHub Copilot CLI: Nested Bare Repository RCE via Git Configuration","url":"https://feed.craftedsignal.io/briefs/2026-05-github-copilot-cli-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Copilot CLI (\u003c= 1.0.42)","version":"https://jsonfeed.org/version/1.1"}