Lucene search
K

4967 matches found

Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.24 views

PT-2026-49958

Name of the Vulnerable Software and Affected Versions MySQL Shell Shell for VS Code version 2026.2.0+9.6.1 Description An issue in the Shell for VS Code component of MySQL Shell allows a low-privileged attacker with network access via HTTP to compromise the software. Successful exploitation can...

9.9CVSS5.8AI score0.00521EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

Security Updates for Microsoft Visual Studio Products (June 2026)

The Microsoft Visual Studio Products are missing a security update. It is, therefore, affected by a denial of service vulnerability: - Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network. CVE-2026-45591 Note that Nessus has not tested f...

7.5CVSS5.2AI score0.0243EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/15 7:32 p.m.17 views

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview aka Famous Chollima, HexagonalRodent, and Void Dokkaebi. According to a report published by Proofpoint, the threat actor has...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2026/06/11 7:0 p.m.219 views

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/11 12:0 a.m.12 views

VS Code Extension Persistence

This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.9 views

CVE-2026-47284

Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00763EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.8 views

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.8 views

CVE-2026-48569

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

7.1CVSS5.5AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.8 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.5AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.8 views

CVE-2026-47281

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

9.6CVSS5.5AI score0.00591EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.12 views

CVE-2026-45482

Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS5.5AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.11 views

CVE-2026-40376

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

8.1CVSS5.5AI score0.00671EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35502

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.25 views

EUVD-2026-35698

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.20 views

EUVD-2026-35536

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.5AI score0.00671EPSS
Exploits0References2
NCSC
NCSC
added 2026/06/09 6:23 p.m.19 views

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in Developer Tools. A malicious actor could exploit these vulnerabilities to carry out attacks that can cause various types of damage, as described in the tables below. Except for the vulnerability in .NET Core, where no prior authentication or user...

9.6CVSS5.7AI score0.0243EPSS
Exploits0
NVD
NVD
added 2026/06/09 5:17 p.m.15 views

CVE-2026-48569

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

7.1CVSS0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.9 views

CVE-2026-47284

Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network...

6.5CVSS0.00763EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.16 views

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS0.00622EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS0.00368EPSS
Exploits0References1
Rows per page
Query Builder