CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26631 – Visual Studio Code Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-26631
11 Mar 2025 — Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26631 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24042 – Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24042
11 Feb 2025 — Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24042 • CWE-284: Improper Access Control •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24039 – Visual Studio Code Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2025-24039
11 Feb 2025 — Visual Studio Code Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24039 • CWE-427: Uncontrolled Search Path Element •
CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 0CVE-2024-49050 – Visual Studio Code Python Extension Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-49050
12 Nov 2024 — Visual Studio Code Python Extension Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49050 • CWE-501: Trust Boundary Violation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49049 – Visual Studio Code Remote Extension Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-49049
12 Nov 2024 — Visual Studio Code Remote Extension Elevation of Privilege Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49049 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0CVE-2024-43488 – Visual Studio Code extension for Arduino Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43488
08 Oct 2024 — Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43488 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43601 – Visual Studio Code for Linux Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-43601
08 Oct 2024 — Visual Studio Code for Linux Remote Code Execution Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43601 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 10%CPEs: 1EXPL: 0CVE-2024-26165 – Visual Studio Code Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-26165
12 Mar 2024 — Visual Studio Code Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Visual Studio Code • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26165 • CWE-256: Plaintext Storage of a Password •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2023-36742 – Visual Studio Code Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-36742
12 Sep 2023 — Visual Studio Code Remote Code Execution Vulnerability Vulnerabilidad de Ejecución Remota de Código del Visual Studio Code • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742 •
CVSS: 6.6EPSS: 1%CPEs: 1EXPL: 0CVE-2023-33144 – Visual Studio Code Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-33144
13 Jun 2023 — Visual Studio Code Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144 • CWE-23: Relative Path Traversal •