🟠 High | Source: Microsoft Security Response Center
A vulnerability in GitHub CLI’s gh codespace jupyter command could allow an attacker to execute arbitrary code on a developer’s machine by tricking them into connecting to a maliciously crafted Codespace. The flaw sits in the JupyterLab integration within GitHub Codespaces, meaning any developer using this workflow could be at risk without realising the Codespace they are connecting to has been compromised. Given the prevalence of Codespaces in modern development pipelines, the potential for lateral movement into build systems or source code repositories is significant.
Security Architect’s Take: Audit your organisation’s use of
gh codespace jupyterand restrict or disable the command via policy if it is not required; additionally, enforce controls ensuring developers only connect to Codespaces from trusted, organisation-owned repositories and consider pinning GitHub CLI to a patched version as soon as one is available.
Original advisory: CVE-2026-59831 GitHub CLI gh codespace jupyter could allow remote code execution when connecting to a malicious Codespace