Microsoft: >> Visual Studio Code Security Vulnerabilities
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.001
Published
2025-11-20
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
CVSS Score
5.0
EPSS Score
0.001
Published
2025-11-11
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-09-12
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-05-13
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-04-12
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVSS Score
7.3
EPSS Score
0.005
Published
2025-03-11
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.002
Published
2025-02-11
Visual Studio Code Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.008
Published
2025-02-11
Visual Studio Code for Linux Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.004
Published
2024-10-08
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
CVSS Score
8.8
EPSS Score
0.022
Published
2024-10-08
Page 1