CVE Catalog
CVE-2026-47292
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk0.33%
24th percentile - higher than 24% of all known CVEs
Summary
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.
Risk Assessment
An attacker may gain elevated privileges on the system, potentially leading to serious security breaches.
Recommendation
It is recommended to limit the use of unknown extensions and regularly update Visual Studio Code to the latest version.
Original NVD description (English source)
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

