GitHub

Q: Which AI threat patterns involve GitHub?

GitHub's incidents involve Adversarial Evasion, Prompt Injection Attack, Tool Misuse & Privilege Escalation. These are part of a taxonomy of 49 patterns across 8 domains.

Company

US-based software development platform owned by Microsoft; operates GitHub Copilot AI coding assistant. Referenced in a critical prompt injection vulnerability (CVE-2025-53773) enabling remote code execution through Copilot.

Entity Summary

Entity ID: ENT-GITHUB
Type: Organization · Company
HQ: United States

Roles: Developer Deployer
Sectors: Technology
Incidents: 3

First Incident: 2023-01
Last Incident: 2026-01
Official Site: github.com (opens in new tab)

Owned by Microsoft

Incident Activity

Incidents Involved as Developer/Deployer (3)

Incident ID	Title	Description	Severity	Date
INC-26-0020	AI-Generated Code Vulnerability Surge: 74 Confirmed CVEs Traced to Coding Assistants	Georgia Tech SSLab's Vibe Security Radar project tracked 74 confirmed CVEs in open-source software definitively traced…	high	2026-01
INC-25-0007	GitHub Copilot Remote Code Execution via Prompt Injection (CVE-2025-53773)	A critical remote code execution vulnerability (CVE-2025-53773) was discovered in GitHub Copilot's VS Code extension,…	critical	2025-08
INC-23-0014	GitHub Copilot Leaks API Keys and Secrets from Training Data	GitHub Copilot caught outputting API keys, credentials, and copyrighted code verbatim from training data — with IP and…	high	2023-01

Context & Analysis

GitHub appears in 3 documented incidents spanning January 2023 to January 2026. 100% of incidents are rated critical or high severity. The dominant threat domain is Security & Cyber (2 incidents). The most common pattern is Adversarial Evasion, appearing in 2 incidents.

Threat Domains

Security & Cyber (2) Human-AI Control (1)

Top Threat Patterns

Adversarial Evasion (2) Prompt Injection Attack (2) Tool Misuse & Privilege Escalation (2) Model Inversion & Data Extraction (2) Re-identification Attacks (2)

Severity Distribution

Critical: 1 High: 2

Timeline

Jan 2026

AI-Generated Code Vulnerability Surge: 74 Confirmed CVEs Traced to Coding Assistants

Aug 2025

GitHub Copilot Remote Code Execution via Prompt Injection (CVE-2025-53773)

Jan 2023

GitHub Copilot Leaks API Keys and Secrets from Training Data

Frequently Asked Questions

What AI incidents involve GitHub, and what role did it play?

GitHub appeared as developer in 3 incidents; deployer in 2 incidents. Key incidents include: INC-26-0020 AI-Generated Code Vulnerability Surge: 74 Confirmed CVEs Traced to Coding Assistants (high severity, 2026-01) ; INC-25-0007 GitHub Copilot Remote Code Execution via Prompt Injection (CVE-2025-53773) (critical severity, 2025-08) ; INC-23-0014 GitHub Copilot Leaks API Keys and Secrets from Training Data (high severity, 2023-01) .

Which AI threat patterns involve GitHub?

GitHub's incidents involve Adversarial Evasion , Prompt Injection Attack , Tool Misuse & Privilege Escalation . These are part of a taxonomy of 49 patterns across 8 domains.

Use in Retrieval

GitHub (ENT-GITHUB) is documented at /entities/github/ as an organization in the TopAIThreats.com database.

US-based software development platform owned by Microsoft; operates GitHub Copilot AI coding assistant. Referenced in a critical prompt injection vulnerability (CVE-2025-53773) enabling remote code execution through Copilot. Incidents span 2 domains: Security & Cyber, Human-AI Control.

When citing, reference the canonical URL and specific incident IDs (e.g., INC-26-0020) for traceability.