{"slug": "codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection", "title": "CodeQL 2.26.0 adds Kotlin 2.4.0 support and AI prompt injection detection", "summary": "GitHub released CodeQL 2.26.0, adding support for Kotlin 2.4.0 and a new JavaScript/TypeScript query to detect AI system prompt injection vulnerabilities. The update also improves analysis accuracy across C#, Go, Python, Swift, and GitHub Actions, enhancing security scanning capabilities for developers.", "body_md": "# CodeQL 2.26.0 adds Kotlin 2.4.0 support and AI prompt injection detection\n\nCodeQL is the static analysis engine behind [GitHub code scanning](https://docs.github.com/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql), which finds and remediates security issues in your code. We’ve recently released [CodeQL 2.26.0](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.26.0/), which adds support for Kotlin 2.4.0, introduces a JavaScript and TypeScript query for system prompt injection, and improves analysis accuracy across multiple languages.\n\n[Language and framework support](#language-and-framework-support)\n\n**Kotlin**: CodeQL now supports Kotlin versions up to 2.4.0.\n\n**C#**: We’ve added Razor Page handler method parameters, such as parameters for `OnGet`\n\n, `OnPost`\n\n, and `OnPostAsync`\n\n, as remote flow sources. Security queries such as `cs/sql-injection`\n\ncan now detect vulnerabilities involving these parameters in `PageModel`\n\nsubclasses.\n\n**Go**: We’ve added models for the `log/slog`\n\npackage introduced in Go 1.21. The `go/log-injection`\n\nand `go/clear-text-logging`\n\nqueries can now detect issues in code that uses `slog`\n\npackage functions and `slog.Logger`\n\nmethods.\n\n**JavaScript/TypeScript**: We’ve added prompt injection sinks for additional OpenAI, Anthropic, and Google GenAI SDK APIs, including Sora prompts, OpenAI Realtime session instructions, Anthropic legacy completion prompts, and Google GenAI cached content and system instructions.\n\n[Query changes](#query-changes)\n\n**JavaScript/TypeScript**\n\n- We’ve added the\n`js/system-prompt-injection`\n\nquery to detect when untrusted, user-provided values flow into an AI model’s system prompt, allowing an attacker to manipulate the model’s behavior. - We’ve added the experimental\n`javascript/ssrf-ipv6-transition-incomplete-guard`\n\nquery to detect server-side request forgery (SSRF) guards that reject private IPv4 ranges but can be bypassed with IPv6 transition address formats.\n\n**Go**\n\n- The\n`go/unhandled-writable-file-close`\n\nquery now produces fewer false positives. It no longer flags a deferred call to`Close`\n\nwhen every execution path first handles a call to`Sync`\n\non the same file handle.\n\n**Python**\n\n- The\n`py/modification-of-locals`\n\nquery no longer flags modifications to a`locals()`\n\ndictionary after it has passed out of the scope where it was created, reducing false positives.\n\n**Swift**\n\n- We’ve improved CryptoKit modeling for the\n`swift/weak-sensitive-data-hashing`\n\nand`swift/weak-password-hashing`\n\nqueries. These queries may now detect additional results.\n\n**GitHub Actions**\n\n- We’ve updated the\n`actions/pr-on-self-hosted-runner`\n\nquery to recognize the latest standard runner labels, reducing false positives. - We’ve corrected the name, description, and alert message for\n`actions/untrusted-checkout/medium`\n\nto clarify that it applies to a nonprivileged context.\n\nFor a full list of changes, please refer to the complete [changelog for version 2.26.0](https://codeql.github.com/docs/codeql-overview/codeql-changelog/codeql-cli-2.26.0/). Every new version of CodeQL is automatically deployed to users of GitHub code scanning on github.com. The new functionality in CodeQL 2.26.0 will also be included in a future GitHub Enterprise Server (GHES) release. If you use an older version of GHES, you can [manually upgrade your CodeQL version](https://docs.github.com/enterprise-server@3.20/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access).", "url": "https://wpnews.pro/news/codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection", "canonical_source": "https://github.blog/changelog/2026-07-10-codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection", "published_at": "2026-07-10 20:40:56+00:00", "updated_at": "2026-07-10 21:14:04.249984+00:00", "lang": "en", "topics": ["developer-tools", "ai-safety", "ai-policy"], "entities": ["GitHub", "CodeQL", "Kotlin", "OpenAI", "Anthropic", "Google GenAI"], "alternates": {"html": "https://wpnews.pro/news/codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection", "markdown": "https://wpnews.pro/news/codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection.md", "text": "https://wpnews.pro/news/codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection.txt", "jsonld": "https://wpnews.pro/news/codeql-2-26-0-adds-kotlin-2-4-0-support-and-ai-prompt-injection-detection.jsonld"}}