PT-2026-58207 · Microsoft · Visual Studio Code
Published
2026-07-14
·
Updated
2026-07-14
·
CVE-2026-50520
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Visual Studio Code