CVE-2026-45496

Summary

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

Affected Software

VendorProductVersion RangeStatus
MicrosoftVisual Studio Code1.0.0 < 1.128.1affected

Weaknesses

  • CWE-22: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

References