CVE-2024-49050 HIGH

CVE-2024-49050: Visual Studio Code Python Extension Remote Code Execution Vulnerability

Vendor Microsoft

Product Python extension for Visual Studio Code

Weakness CWE-501

Published November 12, 2024

Last update July 8, 2025

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

What the vulnerability does

Description

Visual Studio Code Python Extension Remote Code Execution Vulnerability

Key dates

November 12, 2024 CVE published

July 8, 2025 Record updated

CVE CVE-2024-49050

CWE CWE-501

CVSS 8.8 / HIGH

Vendor Microsoft

Product Python extension for Visual Studio Code

Affected ≥ 2020 and < 2024.18.2