Microsoft: >> Visual Studio Code Security Vulnerabilities
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-09-12
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVSS Score
7.1
EPSS Score
0.001
Published
2025-05-13
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVSS Score
6.8
EPSS Score
0.001
Published
2025-04-12
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVSS Score
7.3
EPSS Score
0.003
Published
2025-03-11
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.001
Published
2025-02-11
Visual Studio Code Elevation of Privilege Vulnerability
CVSS Score
7.3
EPSS Score
0.004
Published
2025-02-11
Visual Studio Code for Linux Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2024-10-08
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
CVSS Score
8.8
EPSS Score
0.038
Published
2024-10-08
Visual Studio Code Elevation of Privilege Vulnerability
CVSS Score
8.8
EPSS Score
0.028
Published
2024-03-12
Visual Studio Code Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.002
Published
2023-09-12
Page 1