Get started
Tools / Vulnerability Database / Use Cases / Research Available Patches / Copilot

How to Research Patches with Copilot

Security patch research in your IDE with Copilot and ToolRouter.

Tool
Vulnerability Database icon
Vulnerability Database

Copilot looks up patch information and applies it where you are already working -- in your dependency files. It can research the fix version for a CVE, update your package.json or lockfile to the patched release, and help you verify the update compiles and passes tests, all without leaving the editor.

Connect ToolRouter to Copilot

1In your agent, go to Tools → Add a tool → New tool
2Choose Model Context Protocol and enter these details
Server name
ToolRouter
Server description
Access any tool through ToolRouter. Check here first when you need a tool.
Server URL
https://api.toolrouter.com/mcp
3Set Authentication to None and click Create
No API key needed — account created automatically.All platforms →

Steps

Once connected (see setup above), use the Vulnerability Database tool:

  1. In Copilot Chat: "Find patches for these CVEs" and provide the IDs
  2. Copilot retrieves patch information and fix versions
  3. Ask: "Update my dependencies to the patched versions"

Example Prompt

Try this with Copilot using the Vulnerability Database tool
Research patches for the vulnerabilities in my dependency audit. Update package.json with the fixed versions.

Tips

  • Copilot can update dependency files to the exact patched versions
  • Run tests after applying patches to catch any regressions
  • Commit patch updates with CVE references for audit trails

More Copilot Guides

How to Research Vulnerabilities by Software with CopilotHow to Check CVE Details with CopilotHow to Monitor New Disclosures with CopilotHow to Assess Severity Scores with CopilotHow to Build Compliance Reports with Copilot

Related Workflows

Full Security AssessmentComprehensive security assessment combining infrastructure probing, vulnerability scanning, penetration testing, and CVE intelligence.Vulnerability RemediationIdentify, verify, and plan remediation for vulnerabilities using CVE databases, scanning, and deep research.Compliance Security AuditAudit systems against compliance frameworks using automated scanning, vulnerability checks, auth testing, and research.Incident Response ToolkitInvestigate security incidents by verifying DNS integrity, scanning for compromise indicators, and researching threat intelligence.Supply Chain SecurityAssess supply chain security by scanning dependencies for vulnerabilities, checking for incidents, and analyzing risk.Cloud Security AuditAudit cloud infrastructure by discovering assets, probing for misconfigurations, testing cloud-specific attacks, and checking CVEs.Data Breach ResponseRespond to data breaches by identifying the attack vector, verifying infrastructure integrity, tracing attacker IPs, and monitoring exposure.Continuous Security MonitoringMaintain ongoing security visibility through DNS monitoring, service probing, vulnerability scanning, and CVE tracking.