CVE-2026-12856
- EPSS 0.29%
- Veröffentlicht 29.06.2026 12:33:52
- Zuletzt bearbeitet 09.07.2026 13:16:50
A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user ...
CVE-2026-50519
- EPSS 0.51%
- Veröffentlicht 19.06.2026 20:28:35
- Zuletzt bearbeitet 29.06.2026 15:13:21
Initialization of a resource with an insecure default in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network.
CVE-2026-48569
- EPSS 0.35%
- Veröffentlicht 09.06.2026 17:17:45
- Zuletzt bearbeitet 12.06.2026 16:57:37
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-47287
- EPSS 0.62%
- Veröffentlicht 09.06.2026 17:17:34
- Zuletzt bearbeitet 15.06.2026 14:15:49
Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.
CVE-2026-47284
- EPSS 0.76%
- Veröffentlicht 09.06.2026 17:17:34
- Zuletzt bearbeitet 15.06.2026 14:15:15
Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network.
CVE-2026-47281
- EPSS 0.59%
- Veröffentlicht 09.06.2026 17:17:33
- Zuletzt bearbeitet 09.07.2026 00:17:21
Missing authorization in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-45591
- EPSS 2.43%
- Veröffentlicht 09.06.2026 17:17:26
- Zuletzt bearbeitet 30.06.2026 03:20:04
Uncontrolled resource consumption in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-40376
- EPSS 0.67%
- Veröffentlicht 09.06.2026 17:17:06
- Zuletzt bearbeitet 11.06.2026 18:56:11
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-41613
- EPSS 0.52%
- Veröffentlicht 12.05.2026 16:59:32
- Zuletzt bearbeitet 15.05.2026 14:23:50
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-41611
- EPSS 0.42%
- Veröffentlicht 12.05.2026 16:58:56
- Zuletzt bearbeitet 15.05.2026 15:05:19
Improper neutralization of script-related html tags in a web page (basic xss) in Visual Studio Code allows an unauthorized attacker to execute code locally.