What's the vulnerability?

VS Code/GitHub Copilot MCP server definitions in workspace settings could start without workspace trust, enabling command execution via malicious .vscode/settings.json; fixed by adding workspace trust checks and punycode encoding for domain normalization.

Root Cause Analysis

VS Code/GitHub Copilot MCP server definitions in workspace settings could start without workspace trust, enabling command execution via malicious .vscode/settings.json; fixed by adding workspace trust checks and punycode encoding for domain normalization.
One Command

Verify with pruva-verify

Run the Pruva CLI to automatically fetch and execute the reproduction script.

pruva-verify REPRO-2026-00118
or pruva-verify CVE-2026-21518
Install: curl -fsSL https://pruva.dev/install.sh | sh

Or Run Manually

1

Download the script

curl -O https://pruva.dev/api/v1/reproductions/REPRO-2026-00118/artifacts/reproduction_steps.sh
2

Make executable

chmod +x reproduction_steps.sh
3

Run the script

./reproduction_steps.sh
Run in a VM, container, or disposable environment. This exploits a real vulnerability.

How Pruva Reproduced This

Watch the AI agent's step-by-step process.

Loading session...

Artifacts

No artifacts available