
GitHub Copilot RCE Vulnerability in JetBrains Plugin Patched in February Patch Tuesday

Microsoft's February 2026 Patch Tuesday included a fix for CVE-2026-21516, a command injection flaw in the GitHub Copilot plugin for JetBrains IDEs that allows a network-adjacent attacker to execute arbitrary code.

TechDrop Editorial

Among the 58 vulnerabilities addressed in Microsoft's February 2026 Patch Tuesday, CVE-2026-21516 stands out for development teams: it is a remote code execution vulnerability in the GitHub Copilot extension for JetBrains IDEs, including IntelliJ IDEA, PyCharm, GoLand, and others. The flaw is classified as improper neutralization of special elements used in a command (command injection) and carries a CVSS score of 8.8.

Technical Details

The vulnerability allows an attacker with network access to execute arbitrary code on a system running an affected JetBrains IDE with the GitHub Copilot plugin installed. Exploitation requires network reachability to the development machine, making shared development hosts, CI/CD environments with IDE-based tooling, and developer workstations on flat corporate networks the highest-risk targets.

A companion vulnerability, CVE-2026-21523, affects GitHub Copilot in Visual Studio Code and involves a time-of-check/time-of-use (TOCTOU) race condition. That flaw can permit code execution through insufficient validation of AI-generated output when Copilot agent features are active. Both vulnerabilities were addressed in the February 10, 2026 Patch Tuesday update.

Recommended Actions

JetBrains IDE users should update the GitHub Copilot plugin to the latest version through the IDE plugin manager or the JetBrains Marketplace. Organizations managing developer workstations centrally should prioritize patching shared build hosts and machines running Copilot agentic workflows, where the attack surface is largest.

Security researchers at Orca Security published a detailed write-up under the name "RoguePilot," noting that the vulnerability may be triggerable by opening a maliciously crafted project in an affected IDE. Teams should review their Copilot agent permissions and disable features not actively in use until patches are confirmed as deployed across all development environments.
