CVE-2021-26437: Visual Studio Code Spoofing Vulnerability

Overview

Severity

Medium (CVSS 5.5)

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Category

Spoofing

Exploit Status

Not Exploited

Exploitation Likelihood

Less Likely

Patch Tuesday

2021-Sep

Released

2021-09-14

EPSS Score

3.77% (percentile: 88.0%)

Affected Products (1)

Developer Tools

• Visual Studio Code

Security Updates (1)

• Release Notes

Acknowledgments

Ron Masas with <a href="https://breakpointhq.com/">BreakPoint</a>, <a href="https://twitter.com/justinsteven">Justin Steven</a>

Revision History

• 2021-09-14: Information published.