CVE-2026-47292 Overview
CVE-2026-47292 is a local privilege escalation vulnerability in Microsoft Visual Studio Code. The flaw stems from the inclusion of functionality from an untrusted control sphere, categorized under [CWE-94] (Improper Control of Generation of Code). An unauthorized local attacker can leverage this weakness to elevate privileges on a vulnerable host.
Exploitation requires user interaction and local access, but successful abuse yields high impact to confidentiality, integrity, and availability. The vulnerability affects developer workstations where Visual Studio Code is widely deployed, making it a relevant target for post-compromise privilege escalation chains.
Critical Impact
A local attacker who convinces a user to interact with malicious content can execute code in an elevated context within Visual Studio Code, fully compromising the user session.
Affected Products
- Microsoft Visual Studio Code
Discovery Timeline
- 2026-06-09 - CVE-2026-47292 published to the National Vulnerability Database
- 2026-06-09 - Last updated in NVD database
Technical Details for CVE-2026-47292
Vulnerability Analysis
The vulnerability is classified under [CWE-94] Improper Control of Generation of Code, commonly described as code injection. Visual Studio Code includes functionality sourced from an untrusted control sphere, meaning the application loads or executes code or resources that an attacker can influence without adequate trust boundaries.
The attack vector is local and requires user interaction. The privileges required are none, but the user must perform an action — such as opening a crafted workspace, extension, or file — that triggers the untrusted inclusion. Once triggered, the attacker gains execution within the security context of the Visual Studio Code process, enabling local privilege escalation.
Impact across confidentiality, integrity, and availability is high. The scope is unchanged, meaning the exploit operates within the same security authority as the victim user account.
Root Cause
The root cause is the inclusion of functionality from an untrusted control sphere. Visual Studio Code's runtime accepts code or configuration from a location that an attacker can modify or supply. Because trust validation is insufficient, attacker-controlled logic executes with the privileges of the editor process. This pattern is common in extensible platforms that load workspace settings, extensions, or task definitions without strict integrity controls.
Attack Vector
An attacker crafts malicious content — for example, a repository, workspace, extension package, or task configuration — and delivers it to a developer. When the victim opens the content in Visual Studio Code, the editor loads the untrusted functionality and executes attacker code. The attacker thereby elevates privileges to those of the user running the editor. Refer to the Microsoft Security Update CVE-2026-47292 advisory for vendor-specific exploitation context.
Detection Methods for CVE-2026-47292
Indicators of Compromise
- Unexpected child processes spawned by Code.exe or code such as cmd.exe, powershell.exe, bash, or script interpreters launched from a workspace folder.
- Newly created or modified files under .vscode/ directories, including tasks.json, launch.json, or settings.json containing unusual command strings.
- Installation of unsigned or recently published Visual Studio Code extensions from untrusted publishers.
- Outbound network connections initiated by the Visual Studio Code process to uncommon hosts shortly after opening a repository.
Detection Strategies
- Monitor process lineage where Visual Studio Code is the parent of shells or scripting interpreters, especially when triggered by workspace open events.
- Alert on writes to .vscode/ configuration files within cloned repositories before user review.
- Inspect extension installation logs for sideloaded .vsix packages or extensions installed outside the official Marketplace.
Monitoring Recommendations
- Enable endpoint telemetry for command-line arguments of all processes spawned by the Visual Studio Code binary.
- Correlate developer workstation events with repository clone activity to identify malicious workspace delivery.
- Track Visual Studio Code version inventory across the fleet to confirm patch coverage.
How to Mitigate CVE-2026-47292
Immediate Actions Required
- Update Visual Studio Code to the latest patched release as published in the Microsoft Security Update CVE-2026-47292 advisory.
- Audit installed extensions and remove any that are unsigned, deprecated, or from untrusted publishers.
- Educate developers to use Workspace Trust and avoid opening untrusted repositories in a trusted window.
Patch Information
Microsoft has issued a security update for Visual Studio Code addressing CVE-2026-47292. Apply the fixed version distributed through the in-product updater or the official download channel. Consult the Microsoft Security Update CVE-2026-47292 page for build numbers and release notes.
Workarounds
- Enable Visual Studio Code Workspace Trust and keep untrusted folders in Restricted Mode until patching is complete.
- Disable automatic execution of tasks and debug configurations from newly opened workspaces.
- Restrict extension installation to an organization-approved allowlist using the extensions.allowed policy.
# Configuration example: enforce Workspace Trust via settings.json
{
"security.workspace.trust.enabled": true,
"security.workspace.trust.startupPrompt": "always",
"security.workspace.trust.untrustedFiles": "prompt",
"task.allowAutomaticTasks": "off",
"extensions.autoUpdate": true
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

