Impact
The Turborepo LSP VS Code extension prior to version 2.9.14000 allows an attacker to inject arbitrary shell commands that are derived from values controlled by the workspace. These values are taken from workspace settings or task names in the repository’s source code and are interpolated into string-based command execution calls. If a malicious workspace is loaded or a task is run through the extension, the shell interprets the crafted input, enabling the attacker to execute any command with the privileges of the local VS Code process. This flaw can be exploited to compromise the confidentiality, integrity, and availability of the user’s system.
Affected Systems
This vulnerability impacts the Turborepo LSP VS Code extension for Vercel’s Turborepo. Any installation of the extension with a version earlier than 2.9.14000 that references workspace‑controlled settings or task names is vulnerable.
Risk and Exploitability
The CVSS score of 8.4 indicates high severity. No EPSS score is available and the vulnerability is not listed in CISA KEV; the exploit path requires the victim to open a malicious workspace or execute a task that contains crafted values. The likely attack vector is local: a malicious code base that a user opens in VS Code, or a malicious task definition that is executed through the extension. Once those conditions are met, exploitation is straightforward, and the attacker obtains full command‑execution capability on the host running VS Code.
OpenCVE Enrichment