CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability

...

CVE-2025-21264

Visual Studio Code (VS Code) is affected by CVE-2025-21264, a local vulnerability described as a security feature bypass. The issue permits an unauthorized, local attacker to bypass a security feature due to how VS Code handles files/directories accessible to external parties and trusted domains....

CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability

...

Visual Studio Code Security Feature Bypass Vulnerability

Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

Microsoft Visual Studio Code 安全漏洞

Microsoft Visual Studio Code is an open source code editor from Microsoft USA. A security vulnerability exists in Microsoft Visual Studio Code. An attacker exploiting the vulnerability can bypass certain features...

KLA90915 SB vulnerability in Microsoft Visual Studio Code

A security feature bypass vulnerability was found in Microsoft Visual Studio Code. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2025-21264 Exploitation Related products Microsoft-Visual-Studio Visual-Studio-Code Microsoft-Visual-Studio-Co...

PT-2025-20936 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue allows an unauthorized attacker to bypass a security feature locally in Visual Studio Code when files or directories are accessible to external parties. Recommendations...

KLA83571 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. A security feature bypas...

Security Update for Microsoft Visual Studio Code (May 2025)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.100.1. It is, therefore, affected by an unspecified security feature bypass vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...

CVE-2025-32726

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...

CVE-2025-32726

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...

CVE-2025-32726

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...

CVE-2025-32726

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...

CVE-2025-32726 Visual Studio Code Elevation of Privilege Vulnerability

...

CVE-2025-32726

CVE-2025-32726 describes an improper access-control flaw in Visual Studio Code that enables an authorized local attacker to elevate privileges. The entry is supported by multiple sources (NVD, RH, OSV, CIRCL, MSRC) confirming the core issue as a local privilege-escalation in VS Code. CVSS v3.1 me...

CVE-2025-32726 Visual Studio Code Elevation of Privilege Vulnerability

...

PT-2025-16159 · Microsoft · Visual Studio Code

Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue involves improper access control in Visual Studio Code, allowing an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no...

The vulnerability of Visual Studio Code’s source editor, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to lack of access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Visual Studio Code Elevation of Privilege Vulnerability

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...

Visual Studio Code Elevation of Privilege Vulnerability

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally...