CRITICAL

CVE-2026-47281 Visual Studio Code Elevation of Privilege Vulnerability

Microsoft Security Response Center • Jun 09, 2026

MEDIUM

VS Code adds 2-hour delay for extension updates to combat supply chain threats

SC Media • Jun 08, 2026

CRITICAL

VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

The Hacker News • Jun 08, 2026

MEDIUM

Hole in GitHub’s browser-based VSCode editor could lead to stolen token

CSO Online • Jun 04, 2026

HIGH

1-Click GitHub Token Stealing via a VSCode Bug

Reddit r/netsec • Jun 02, 2026

HIGH

VS Code WARNING: 3800 repos hacked

David Bombal • May 21, 2026

HIGH

GitHub confirms breach of 3,800 repos via malicious VSCode extension

BleepingComputer • May 20, 2026

HIGH

Compromising Cline's Production Releases just by Prompting an Issue Triager

Reddit r/netsec • Feb 19, 2026

HIGH

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

The Hacker News • Feb 18, 2026

HIGH

Flaws in four popular VS Code extensions left 128 million installs open to attack

CSO Online • Feb 18, 2026

HIGH

Flaws in popular VSCode extensions expose developers to attacks

BleepingComputer • Feb 17, 2026

MEDIUM

VS Code Configs Expose GitHub Codespaces to Attacks

SecurityWeek • Feb 05, 2026

HIGH

Clawdbot Malware

John Hammond • Jan 27, 2026

HIGH

Open VSX Publisher Account Hijacked in Fresh GlassWorm Attack

SecurityWeek • Feb 02, 2026

HIGH

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

Dark Reading • Jan 22, 2026

HIGH

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

The Hacker News • Jan 28, 2026