Lucene search
K
MicrosoftVisual Studio Code

63 matches found

CVE
CVE
added 2026/02/10 5:51 p.m.67 views

CVE-2026-21523

CVE-2026-21523 is a time-of-check time-of-use (TOCTOU) race condition impacting GitHub Copilot and Visual Studio . An authorized attacker could execute code over a network. The issued CVSS 3.1 score is 8.0 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: Low , User I...

8CVSS5.7AI score0.00792EPSS
CVE
CVE
added 2026/05/12 4:59 p.m.67 views

CVE-2026-41613

CVE-2026-41613 involves session fixation in Visual Studio Code that allows an unauthorized attacker to elevate privileges over a network. The connected sources corroborate the affected product as Visual Studio Code and describe the impact as privilege elevation via network access. The available d...

8.8CVSS5.8AI score0.0052EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.67 views

CVE-2026-47292

CVE-2026-47292 concerns a vulnerability in the Visual Studio Code MSSQL Extension where inclusion of functionality from an untrusted control sphere allows an attacker to escalate privileges locally. The connected documents confirm the affected product (Visual Studio Code MSSQL Extension) and the ...

7.8CVSS5.4AI score0.00368EPSS
CVE
CVE
added 2018/06/26 2:0 p.m.59 views

CVE-2018-0597

CVE-2018-0597 is an untrusted search path vulnerability in the Visual Studio Code installer. A malicious DLL located in the same directory as the installer can be loaded, enabling arbitrary code execution with the privileges of the invoking user. Affected component: the VS Code installer; root ca...

7.8CVSS7.7AI score0.0513EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.53 views

CVE-2026-41611

Technical details about CVE-2026-41611 are not provided in the supplied documents. No specifics on affected versions, root cause, or remediation are included. Monitor for updates from official sources.

7.8CVSS6AI score0.00421EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.48 views

CVE-2026-41610

Technical details about CVE-2026-41610 are not publicly available in the provided documents. Monitor for updates from official sources (e.g., vendor advisories, CVE records) for affected products, remediation steps, or confirmed exploit information.

6.3CVSS5.8AI score0.00599EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.43 views

CVE-2026-41109

Technical details are not publicly available in the provided documents; monitor for updates.

8.8CVSS5.8AI score0.00861EPSS
CVE
CVE
added 2025/11/11 5:59 p.m.36 views

CVE-2025-62453

CVE-2025-62453 affects GitHub Copilot and Visual Studio Code due to improper validation of generative AI output, enabling an authorized local attacker to bypass a security feature. Multiple sources corroborate a security feature bypass vulnerability in Visual Studio Code and Copilot Chat, with im...

5CVSS5.4AI score0.00411EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.33 views

CVE-2026-47287

CVE-2026-47287 affects Visual Studio Code. The provided documents describe a relative path traversal vulnerability that could allow tampering over a network. Per CVSS data, the attack vector is NETWORK with no privileges required but user interaction is required, and the impact includes high inte...

6.5CVSS5.5AI score0.00622EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.31 views

CVE-2026-40376

CVE-2026-40376 affects Visual Studio Code. The root cause is improper input validation, enabling an unauthorized network-based user to elevate privileges. The CVSS v3.1 base score is 7.5 (HIGH) with NETWORK attack vector, high impact on confidentiality, integrity, and availability; user interacti...

8.1CVSS5.5AI score0.00671EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.29 views

CVE-2026-45482

CVE-2026-45482 affects GitHub Copilot and Visual Studio Code (Copilot Chat extension): improper limitation of a pathname to a restricted directory enables a local attacker to bypass a security feature. Root cause is a path traversal issue in handling file paths. Impact is described as high for co...

8.4CVSS5.8AI score0.00345EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.23 views

CVE-2026-47284

Technical details about CVE-2026-47284 are not publicly available in the provided documents. No affected product versions, root cause, or remediation are specified. Monitor for updates.

6.5CVSS5.4AI score0.00763EPSS
CVE
CVE
added 2026/06/09 5:5 p.m.19 views

CVE-2026-48569

CVE-2026-48569 affects Visual Studio Code. It is caused by improper input validation in the editor, enabling a local attacker to bypass a security feature. CVSSv3.1: LOCAL attack vector, HIGH impact on confidentiality, LOW on integrity, NONE on availability; user interaction required. Details in ...

7.1CVSS5.4AI score0.0035EPSS
Total number of security vulnerabilities63