CVE-2026-41612

Summary

Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.

Affected Software

VendorProductVersion RangeStatus
MicrosoftVisual Studio Code - Live Preview extension0.4.0 < 0.4.19affected

Weaknesses

  • CWE-23: CWE-23: Relative Path Traversal
  • CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References