Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (316 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2006-1043 1 Microsoft 2 Visual Interdev, Visual Studio 2026-04-16 N/A
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
CVE-2001-0153 1 Microsoft 2 Visual Basic, Visual Studio 2026-04-16 N/A
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands.
CVE-2026-21518 1 Microsoft 2 Visual Studio Code, Visual Studio Code Copilot Chat Extension 2026-04-15 8.8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.
CVE-2026-21523 1 Microsoft 2 Visual Studio Code, Visual Studio Code Copilot Chat Extension 2026-04-15 8 High
Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.
CVE-2026-21257 1 Microsoft 2 Visual Studio 2022, Visual Studio 2026 2026-04-15 8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.
CVE-2026-21256 1 Microsoft 2 Visual Studio 2022, Visual Studio 2026 2026-04-15 8.8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network.
CVE-2025-21171 4 Apple, Linux, Microsoft and 1 more 7 Macos, Linux Kernel, .net and 4 more 2026-02-26 7.5 High
.NET Remote Code Execution Vulnerability
CVE-2025-21176 4 Apple, Linux, Microsoft and 1 more 25 Macos, Linux Kernel, .net and 22 more 2026-02-26 8.8 High
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21178 1 Microsoft 4 Visual Studio 2015, Visual Studio 2017, Visual Studio 2019 and 1 more 2026-02-26 8.8 High
Visual Studio Remote Code Execution Vulnerability
CVE-2025-21172 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, .net and 7 more 2026-02-26 7.5 High
.NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-24042 1 Microsoft 2 Visual Studio Code, Vscode-js-debug 2026-02-26 7.3 High
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
CVE-2025-32702 1 Microsoft 2 Visual Studio 2019, Visual Studio 2022 2026-02-26 7.8 High
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2025-32726 1 Microsoft 1 Visual Studio Code 2026-02-26 6.8 Medium
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges locally.
CVE-2025-26646 4 Apple, Linux, Microsoft and 1 more 9 Macos, Linux Kernel, .net and 6 more 2026-02-26 8 High
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
CVE-2025-49714 1 Microsoft 2 Python, Visual Studio Code 2026-02-26 7.8 High
Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.
CVE-2025-49739 1 Microsoft 5 Visual Studio, Visual Studio 2015, Visual Studio 2017 and 2 more 2026-02-26 8.8 High
Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network.
CVE-2025-53773 2 Github, Microsoft 3 Copilot, Visual Studio, Visual Studio 2022 2026-02-26 7.8 High
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
CVE-2025-55319 1 Microsoft 1 Visual Studio Code 2026-02-26 8.8 High
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network.
CVE-2025-55240 1 Microsoft 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more 2026-02-26 7.3 High
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
CVE-2025-62214 1 Microsoft 2 Visual Studio, Visual Studio 2022 2026-02-26 6.7 Medium
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally.