CVE-2022-41034

HIGH

Visual Studio Code < 1.72.1 - Remote Code Execution

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-41034. PoCs published by andyhsu024, h00die, Zemnmez, including Metasploit module exploits/multi/misc/vscode_ipynb_remote_dev_exec.

AI-analyzed exploit summary This Metasploit module exploits CVE-2022-41034, a vulnerability in VSCode's handling of Jupyter notebooks (.ipynb files). It leverages embedded HTML/JavaScript to open new terminal windows and execute arbitrary commands, achieving remote code execution (RCE).

Description

Visual Studio Code Remote Code Execution Vulnerability

Exploits (2)

metasploit WORKING POC EXCELLENT
by h00die, Zemnmez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/vscode_ipynb_remote_dev_exec.rb

This Metasploit module exploits CVE-2022-41034, a vulnerability in VSCode's handling of Jupyter notebooks (.ipynb files). It leverages embedded HTML/JavaScript to open new terminal windows and execute arbitrary commands, achieving remote code execution (RCE).

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: VSCode versions 1.4.0 to 1.71.1
No auth needed
Prerequisites: Victim must open a malicious .ipynb file · Network access to serve the malicious file
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.8
EPSS 0.6747
EPSS Percentile 99.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

Status published
Products (1)
microsoft/visual_studio_code < 1.72.1
Published Oct 11, 2022
Tracked Since Feb 18, 2026