Описание
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges, obtain sensitive information, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Visual Studio Code can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Microsoft Visual Studio Code CoPilot Chat can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in .NET SDK can be exploited remotely to gain privileges.
- A tampering vulnerability in .NET can be exploited remotely to spoof user interface.
- A denial of service vulnerability in ASP.NET Core can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Microsoft Live Share Canvas SDK can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Visual Studio Code can be exploited remotely to obtain sensitive information.
- A tampering vulnerability in Visual Studio Code can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Visual Studio Code MSSQL Extension can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Visual Studio Code can be exploited remotely to bypass security restrictions.
Первичный источник обнаружения
- CVE-2026-48569
- CVE-2026-47287
- CVE-2026-47281
- CVE-2026-47284
- CVE-2026-45482
- CVE-2026-45490
- CVE-2026-45491
- CVE-2026-45591
- CVE-2026-45644
- CVE-2026-47292
Связанные продукты
Список CVE
- CVE-2026-40376 critical
- CVE-2026-45482 critical
- CVE-2026-45490 critical
- CVE-2026-45491 high
- CVE-2026-45591 critical
- CVE-2026-45644 critical
- CVE-2026-47281 critical
- CVE-2026-47284 high
- CVE-2026-47287 high
- CVE-2026-47292 critical
- CVE-2026-48569 high
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!