CVE Catalog

CVE-2026-47292

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.33%

24th percentile - higher than 24% of all known CVEs

Summary

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

Risk Assessment

An attacker may gain elevated privileges on the system, potentially leading to serious security breaches.

Recommendation

It is recommended to limit the use of unknown extensions and regularly update Visual Studio Code to the latest version.

Original NVD description (English source)

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS