5022 matches found
CVE-2026-47305
Protection mechanism failure in Visual Studio allows an unauthorized attacker to execute code locally...
CVE-2026-47305 Visual Studio Remote Code Execution Vulnerability
...
CVE-2026-47305 Visual Studio Remote Code Execution Vulnerability
...
CVE-2026-47305
Technical details such as affected products, component versions, root cause, and mitigation are not publicly available in the provided documents. Monitor for updates from MSRC and NCSC advisories.
CVE-2026-57102
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...
CVE-2026-57101
Improper neutralization of input during web page generation 'cross-site scripting' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-50520
Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code allows an unauthorized attacker to execute code locally...
CVE-2026-47282
Insufficiently protected credentials in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network...
CVE-2026-45496
Improper limitation of a pathname to a restricted directory 'path traversal' in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-57102
CVE-2026-57102 affects Visual Studio Code. Likely risk: security feature bypass via inclusion of functionality from an untrusted control sphere, exploitable over a network with user interaction required. CVSS v3.1: 8.8 ( HIGH, NETWORK, AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ). Connected sources note...
CVE-2026-57102 Visual Studio Code Security Feature Bypass Vulnerability
...
CVE-2026-57101
Visual Studio Code is affected by CVE-2026-57101, a cross-site scripting flaw caused by improper neutralization of input during web page generation. The vulnerability allows a local attacker to bypass a security feature, requiring user interaction for exploitation (CVSS TV: Local access, Low expl...
CVE-2026-57101 Visual Studio Code Security Feature Bypass Vulnerability
...
CVE-2026-50520 Visual Studio Code Remote Code Execution Vulnerability
...
CVE-2026-50520
CVE-2026-50520: Visual Studio Code is affected by a command-injection vulnerability due to improper neutralization of special elements in a command, enabling a local attacker to execute code. The CVSS v3.1 base score is 8.4 (HIGH) with LOCAL attack vector, no user interaction required, and high i...
CVE-2026-50520 Visual Studio Code Remote Code Execution Vulnerability
...
CVE-2026-47282 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability
...
CVE-2026-45496
The CVE-2026-45496 entry describes a path traversal vulnerability in Visual Studio Code where improper limitation of a pathname to a restricted directory allows local attackers to bypass a security feature. Affected component is Visual Studio Code (path handling/file access) with the root cause b...
CVE-2026-47282
Summary: CVE-2026-47282 concerns insufficiently protected credentials in GitHub Copilot and Visual Studio Code, leading to potential information disclosure over a network. Impact and scope (as per metrics): CVSS 3.1 base score 6.5 (Medium); attack vector: NETWORK; attack complexity: LOW; privileg...
CVE-2026-47282 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability
...