Known vulnerabilities in Microsoft Visual Studio Code

Vendor: Microsoft

Website: https://www.microsoft.com

Total Security Bulletins: 37

Security bulletins (37)

Secuity bulletin	Severity	Status	Published
SB2025111203: Improper Validation of Generative AI Output in Microsoft Visual Studio Code and GitHub Copilot	Low	Patched	12.11.2025
SB2025091211: Remote code execution in Agentic AI and Visual Studio Code	High	Patched	12.09.2025
SB20250513124: Security Feature Bypass in Microsoft Visual Studio Code	Low	Patched	13.05.2025
SB2025041203: Privilege escalation in Visual Studio Code	Low	Patched	12.04.2025
SB2025040960: Privilege escalation in Microsoft Visual Studio Code	Low	Patched	09.04.2025
SB20250311100: Untrusted search path in Microsoft Visual Studio Code	Medium	Patched	11.03.2025
SB20250211120: Insecure DLL loading in Microsoft Visual Studio Code	Low	Patched	11.02.2025
SB2024100925: Command Injection in Microsoft Visual Studio Code for Linux	Medium	Patched	09.10.2024
SB2024100923: Missing Authentication for Critical Function in Microsoft Visual Studio Code extension for Arduino	High	Patched	09.10.2024
SB20240312336: Privilege escalation in Microsoft Visual Studio Code	Medium	Patched	12.03.2024
SB2023101840: Visual Studio Code update for libvpx	Critical	Patched Exploited	18.10.2023
SB2023091324: Remote code execution in Microsoft Visual Studio Code	High	Patched	13.09.2023
SB2023091323: Remote code execution in Microsoft Visual Studio Code	Medium	Patched	13.09.2023
SB2023061372: Information disclosure in Visual Studio Code	Low	Patched	13.06.2023
SB20230509119: Information disclosure in Microsoft Visual Studio Code	Low	Patched	09.05.2023
SB2023041148: Remote code execution in Microsoft Visual Studio Code	High	Patched	11.04.2023
SB2023011083: Remote code execution in Microsoft Visual Studio Code	High	Patched	10.01.2023
SB2022101161: Multiple vulnerabilities in Microsoft Visual Studio Code	High	Patched Public exploit	11.10.2022
SB2022091408: Privilege escalation in Microsoft Visual Studio Code	Medium	Patched	14.09.2022
SB2022051028: Remote code execution in Microsoft Visual Studio Code	High	Patched	10.05.2022
SB2022050207: Privilege escalation in Microsoft Visual Studio Code	Low	Patched	02.05.2022
SB2022030824: Spoofing attack in Visual Studio Code	Medium	Patched	08.03.2022
SB2022020823: Remote code execution in Microsoft Visual Studio Code Remote Development Extension	High	Patched	08.02.2022
SB2021121467: Multiple vulnerabilities in Microsoft Visual Studio Code	High	Patched Public exploit	14.12.2021
SB2021110923: Privilege escalation in Microsoft Visual Studio Code	Low	Patched	09.11.2021
SB2021091447: Spoofing attack in Microsoft Visual Studio Code	Medium	Patched	14.09.2021
SB2021071361: Multiple vulnerabilities in Microsoft Visual Studio Code	High	Patched	13.07.2021
SB2021071353: Spoofing attack in Microsoft Visual Studio	Low	Patched	13.07.2021
SB2021051140: Multiple vulnerabilities in Microsoft Visual Studio Code	High	Patched	11.05.2021
SB2021041355: Remote code execution in Microsoft Remote Development Extension for Visual Studio	High	Patched	13.04.2021
SB2021041309: Multiple vulnerabilities in Microsoft Visual Studio Code	High	Patched	13.04.2021
SB2021030957: Remote code execution in Microsoft Visual Studio Code	High	Patched	09.03.2021
SB2020101603: Remote code execution in Visual Studio Code	High	Patched	16.10.2020
SB2020101363: Remote code execution in Microsoft Visual Studio Code Python Extension	Medium	Patched	13.10.2020
SB2020090831: Remote code execution in Microsoft Visual Studio Code	High	Patched	08.09.2020
SB2019101709: Privilege escalation in Visual Studio Code	Low	Patched	17.10.2019
SB2018062625: Untrusted search path in Microsoft Visual Studio Code	High	Patched	26.06.2018