Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2025-32726

Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.

Published: Apr 12, 2025
Updated: May 4, 2025
CVE: CVE-2025-32726
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
microsoft / visual_studio_code	-	1.99.1

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32726