Critical IDEsaster Vulnerabilities Disclosed in AI Coding Tools
Security researchers identify 30-plus flaws affecting GitHub Copilot, Cursor, Claude Code, and other popular development environments.
On December 9, 2025, security researchers disclosed IDEsaster, a class of critical vulnerabilities affecting AI-powered development environments, including GitHub Copilot, Cursor, Claude Code, JetBrains Junie, Visual Studio Code, and Zed.dev.
Vulnerability scope
Researchers identified over 30 vulnerabilities, resulting in 24 assigned CVEs and exposing millions of developers to risks ranging from data theft to remote code execution. The attack patterns involved prompt injection that enabled AI agents to manipulate IDE configuration files.
Microsoft's December 2025 Patch Tuesday included CVE-2025-64671 (CVSS 8.4), a remote code execution (RCE) vulnerability in GitHub Copilot for JetBrains caused by command injection via cross-prompt injection in untrusted files.
Affected platforms: - GitHub Copilot …