Microsoft Visual_studio_code

4 CVEs affecting Microsoft Visual_studio_code. Latest disclosed: 2026-05-12. Critical: 0, High: 3.

Top CVEs affecting Microsoft Visual_studio_code
CVE	Severity	Score	Published	Summary
`CVE-2026-41613`	High	`8.8`	2026-05-12	Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
`CVE-2026-41109`	High	`8.8`	2026-05-12	Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized a…
`CVE-2026-41611`	High	`7.8`	2026-05-12	Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.
`CVE-2026-41610`	Medium	`6.3`	2026-05-12	Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security…