Trust Boundary Violation in Visual Studio Code - Python Extension by Microsoft
CVE-2025-49714
7.8HIGH
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 8 July 2025
What is CVE-2025-49714?
A trust boundary violation in the Visual Studio Code Python extension permits unauthorized attackers to execute code locally. This vulnerability arises from inadequate isolation of tasks within the development environment that can allow exploitation if the attacker successfully sends crafted inputs. It’s crucial for users to apply updates and patches to mitigate risks associated with this flaw.
Affected Version(s)
Python extension for Visual Studio Code Unknown 2020 < 2025.8.1