Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (58 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-64660 1 Microsoft 1 Visual Studio Code 2025-11-26 8 High
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network.
CVE-2025-62453 2 Github, Microsoft 2 Copilot, Visual Studio Code 2025-11-26 5 Medium
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
CVE-2025-62449 1 Microsoft 3 Github Copilot Chat, Visual Studio, Visual Studio Code Copilot Chat Extension 2025-11-26 6.8 Medium
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
CVE-2025-62222 1 Microsoft 3 Github Copilot Chat, Visual Studio, Visual Studio Code Copilot Chat Extension 2025-11-26 8.8 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code CoPilot Chat Extension allows an unauthorized attacker to execute code over a network.
CVE-2025-55319 1 Microsoft 1 Visual Studio Code 2025-11-21 8.8 High
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network.
CVE-2023-36742 1 Microsoft 1 Visual Studio Code 2025-10-30 7.8 High
Visual Studio Code Remote Code Execution Vulnerability
CVE-2025-21264 1 Microsoft 1 Visual Studio Code 2025-09-10 7.1 High
Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2020-17163 1 Microsoft 2 Python, Visual Studio Code 2025-09-05 7.8 High
Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVE-2020-17148 1 Microsoft 1 Visual Studio Code 2025-08-28 7.8 High
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
CVE-2021-27081 1 Microsoft 2 Eslint, Visual Studio Code Eslint Extension 2025-08-20 7.8 High
Visual Studio Code ESLint Extension Remote Code Execution Vulnerability
CVE-2021-27084 1 Microsoft 2 Maven For Java, Visual Studio Code 2025-07-30 7.8 High
Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
CVE-2021-26700 1 Microsoft 2 Npm, Visual Studio Code Npm-script Extension 2025-07-16 7.8 High
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
CVE-2023-29338 1 Microsoft 1 Visual Studio Code 2025-07-10 6.6 Medium
Visual Studio Code Spoofing Vulnerability
CVE-2025-32726 1 Microsoft 1 Visual Studio Code 2025-07-08 6.8 Medium
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVE-2024-43488 1 Microsoft 1 Visual Studio Code 2025-07-08 8.8 High
Missing authentication for critical function in Visual Studio Code extension for Arduino allows an unauthenticated attacker to perform remote code execution through network attack vector.
CVE-2024-43601 2 Linux, Microsoft 2 Linux Kernel, Visual Studio Code 2025-07-08 7.8 High
Visual Studio Code for Linux Remote Code Execution Vulnerability
CVE-2022-24526 1 Microsoft 1 Visual Studio Code 2025-07-08 6.1 Medium
Visual Studio Code Spoofing Vulnerability
CVE-2025-26631 1 Microsoft 1 Visual Studio Code 2025-07-03 7.3 High
Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVE-2025-24042 1 Microsoft 1 Visual Studio Code 2025-07-02 7.3 High
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
CVE-2025-24039 1 Microsoft 1 Visual Studio Code 2025-07-02 7.3 High
Visual Studio Code Elevation of Privilege Vulnerability