CVE-2026-45033: GitHub Copilot CLI: Nested Bare Repository Can Execute Arbitrary Commands via core.fsmonitor

May 11, 2026

A security vulnerability has been identified in GitHub Copilot CLI where a malicious bare git repository nested inside a project directory can achieve arbitrary code execution when the agent performs git operations. By exploiting git’s automatic bare repository discovery during directory traversal, an attacker can set core.fsmonitor or other executable config keys to run arbitrary commands without user awareness or approval.

References

github.com/advisories/GHSA-9ccr-r5hg-74gf
github.com/github/copilot-cli
github.com/github/copilot-cli/security/advisories/GHSA-9ccr-r5hg-74gf
nvd.nist.gov/vuln/detail/CVE-2026-45033

Code Behaviors & Features

Detect and mitigate CVE-2026-45033 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →