Understanding CVE-2025-66389: GitHub Copilot Filesystem Access Vulnerability
CVE-2025-66389 is a high-severity vulnerability in GitHub Copilot 1.372.0 that allows filesystem access outside of a workspace folder without user approval. This could lead to exfiltration if there is indirect prompt injection. The vulnerability has a CVSS score of 7.5 and is classified under CWE-552.