Security Advisory

CVE-2025-58401

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-05 04:28:24

Last updated 2025-09-05 15:49:35

Assigner jpcert

State PUBLISHED

Description

Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github API token in cleartext form. As a result, an attacker may perform unauthorized operations on the linked Github account.

← Browse all CVEs View on cve.org ↗