CVE-2022-41034

HIGH

Visual Studio Code - RCE

Title source: llm

Description

Visual Studio Code Remote Code Execution Vulnerability

Exploits (2)

nomisec NO CODE
by andyhsu024 · poc
https://github.com/andyhsu024/CVE-2022-41034
metasploit WORKING POC EXCELLENT
by h00die, Zemnmez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/vscode_ipynb_remote_dev_exec.rb

References (2)

Scores

CVSS v3 7.8
EPSS 0.6370
EPSS Percentile 98.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
microsoft/visual_studio_code < 1.72.1
Published Oct 11, 2022
Tracked Since Feb 18, 2026