Jun 2026: Visual Studio Code Elevation of Privilege Vulnerability
CVE-2026-47281 Published on June 9, 2026
Visual Studio Code Elevation of Privilege Vulnerability
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
Weakness Types
What is an AuthZ Vulnerability?
The software does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2026-47281 has been classified to as an AuthZ vulnerability or weakness.
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Products Associated with CVE-2026-47281
Want to know whenever a new CVE is published for Microsoft Visual Studio Code? stack.watch will email you.
Affected Versions
Microsoft Visual Studio Code:- Version 1.0.0 and below 1.123.1 is affected.