Description
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Tue, 14 Jul 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network. | |
| Title | Visual Studio Code Security Feature Bypass Vulnerability | |
| First Time appeared |
Microsoft
Microsoft visual Studio Code |
|
| Weaknesses | CWE-200 CWE-829 |
|
| CPEs | cpe:2.3:a:microsoft:visual_studio_code:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Microsoft
Microsoft visual Studio Code |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: microsoft
Published:
Updated: 2026-07-14T18:46:24.724Z
Reserved: 2026-06-23T18:29:51.054Z
Link: CVE-2026-57102
No data.
No data.
No data.
OpenCVE Enrichment
No data.