Analyzed
about 20 hours
ago.
based on code collected
2 days
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2026-21523 | High | Feb 10, 2026 | Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network. |
0.44.2, 1.106.2, 1.106.1, 1.106.0, 1.105.1, 1.105.0, 1.104.3, 1.104.2, 1.104.1, 1.104.0
|
|
| CVE-2026-21518 | High | Feb 10, 2026 | Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized att more... |
0.44.2, 1.106.2, 1.106.1, 1.106.0, 1.105.1, 1.105.0, 1.104.3, 1.104.2, 1.104.1, 1.104.0
|
|
| CVE-2025-64660 | BDSA-2025-29576 | High | Nov 20, 2025 | Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to execute code over a network. |
0.44.2, 1.106.1, 1.106.0, 1.105.1, 1.105.0, 1.104.3, 1.104.2, 1.104.1, 1.104.0, 1.103.2
|
| CVE-2025-62453 | Medium | Nov 11, 2025 | Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally more... |
0.44.2, 1.104.3, 1.104.2, 1.104.1, 1.104.0, 1.103.2, 1.103.0, 1.103.1, 1.102.3, 1.102.2
|
|
| CVE-2025-55319 | Critical | Sep 12, 2025 | Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network. |
0.44.2, 1.103.2, 1.103.0, 1.103.1, 1.102.3, 1.102.2, 1.102.1, 1.102.0, 1.101.2, 1.101.1
|
|
| CVE-2025-32726 | Medium | Apr 12, 2025 | Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally. |
0.44.2, 1.99.0, 1.98.2, 1.98.1, 1.98.0, 1.97.2, 1.97.1, 1.97.0, 1.96.4, 1.96.3
|
|
| CVE-2025-26631 | High | Mar 11, 2025 | Uncontrolled search path element in Visual Studio Code allows an authorized attacker to elevate privileges locally. |
0.44.2, 1.97.2, 1.97.1, 1.97.0, 1.96.4, 1.96.3, 1.96.2, 1.96.1, 1.96.0, 1.95.3
|
|
| CVE-2025-24042 | High | Feb 11, 2025 | Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability |
0.44.2, 1.97.0, 1.96.4, 1.96.3, 1.96.2, 1.96.1, 1.96.0, 1.95.3, 1.95.2, 1.95.1
|
|
| CVE-2025-24039 | High | Feb 11, 2025 | Visual Studio Code Elevation of Privilege Vulnerability |
0.44.2, 1.97.0, 1.96.4, 1.96.3, 1.96.2, 1.96.1, 1.96.0, 1.95.3, 1.95.2, 1.95.1
|
|
| CVE-2025-21264 | High | May 13, 2025 | Files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. |
0.44.2, 1.100.0, 1.99.3, 1.99.2, 1.99.1, 1.99.0, 1.98.2, 1.98.1, 1.98.0, 1.97.2
|
