What the vulnerability does
01Description
Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.
CVE-2026-48569
HIGH
CVE-2026-48569: Visual Studio Code Security Feature Bypass Vulnerability
CVSS base score
7.1/10
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
June 9, 2026
CVE published
June 15, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2019-1697 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Lightweight Directory Access Protocol Denial of Service Vulnerability
CVE-2026-23840 Movary vulnerable to Cross-site Scripting with `?categoryDeleted=` param
CVE-2017-7509
CVE-2020-3116 Cisco Webex Centers Denial of Service Vulnerability
CVE-2024-31153
