Tag
CVE-2026-41109 describes an improper neutralization of special elements in output used by a downstream component ('injection') vulnerability in GitHub Copilot and Visual Studio, allowing an unauthorized attacker to bypass a security feature over a network.