1219 matches found
EUVD-2026-29693
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-41610
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-41109 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
...
CVE-2026-41109
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2026-41610
Technical details about CVE-2026-41610 are not publicly available in the provided documents. Monitor for updates from official sources (e.g., vendor advisories, CVE records) for affected products, remediation steps, or confirmed exploit information.
CVE-2026-41109 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
...
Visual Studio Code Elevation of Privilege Vulnerability
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...
GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...
Visual Studio Code Security Feature Bypass Vulnerability
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
Visual Studio Code Remote Code Execution Vulnerability
Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...
Visual Studio Code Information Disclosure Vulnerability
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally...
PT-2026-40246
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
PT-2026-40247
Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...
Microsoft Visual Studio Code 路径遍历漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a path traversal vulnerability. Attackers can exploit this vulnerability to obtain sensitive information...
Microsoft Visual Studio Code 后置链接漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a postman link vulnerability. Attackers can exploit this vulnerability to bypass certain features...
PT-2026-40249
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...
Microsoft Visual Studio Code 操作系统命令注入漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a vulnerability related to operating system command injection. Attackers can exploit this vulnerability to gain higher privileges...
Microsoft Visual Studio Code 命令注入漏洞
Microsoft Visual Studio Code is an open-source code editor developed by the American company Microsoft. Microsoft Visual Studio Code has a command injection vulnerability. Attackers can exploit this vulnerability to execute code remotely...
PT-2026-40248
Name of the Vulnerable Software and Affected Versions Visual Studio Code affected versions not specified Description A relative path traversal issue in Visual Studio Code Live Preview allows an unauthorized attacker to disclose local information. Path traversal is a flaw that enables users to...
Researchers Uncover 73 Fake VS Code Extensions Delivering GlassWorm v2 Malware
Cybersecurity researchers have flagged dozens of Microsoft Visual Studio Code VS Code extensions on the Open VSX repository that are linked to a persistent information-stealing campaign dubbed GlassWorm. The cluster of 73 extensions has been identified as cloned versions of their legitimate...