HIGH 8.4

CVE-2026-45482: Path Traversal in Visual Studio Code and GitHub Copilot

A path traversal vulnerability in GitHub Copilot and Visual Studio Code allows an attacker to bypass a local security feature by manipulating file paths. An unauthorized party can exploit this flaw on a compromised or shared machine without requiring special privileges or user interaction, potentially gaining unauthorized access to sensitive files or directories that should be restricted.

Source data · NVD / CISA · public domain

CVSS
3.1 · 8.4 HIGH · CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weaknesses (CWE)
CWE-22
Affected products
1 configuration(s)
Published / Modified
2026-06-09 / 2026-07-09

NVD description (verbatim)

Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

1 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-45482 is a path traversal vulnerability (CWE-22) affecting Visual Studio Code and GitHub Copilot. The flaw stems from improper validation of pathname input, permitting an attacker to traverse directory boundaries and access resources outside an intended restricted directory. The vulnerability requires local access (AV:L) but no privileges (PR:N) or user interaction (UI:N), making it exploitable from a local context. The impact is high across confidentiality, integrity, and availability (C:H/I:H/A:H), with a CVSS 3.1 score of 8.4.

Business impact

This vulnerability poses a moderate-to-significant risk to organizations where developers share machines or work in shared development environments. Threat actors with local access—whether through compromised accounts, physical access, or supply-chain insertion—can bypass security controls designed to isolate Copilot or VS Code settings, potentially exfiltrating source code, API keys, authentication tokens, or other sensitive configuration data. For enterprises relying on VS Code as a primary development platform, this could enable lateral movement and credential theft within the development pipeline.

Affected systems

Microsoft Visual Studio Code and GitHub Copilot are affected. The vulnerability is local in nature, meaning it requires an attacker to already have access to the system where VS Code or Copilot is installed. Organizations should inventory all instances of VS Code in their environment, including developer workstations, CI/CD agents, and shared development servers.

Exploitability

The vulnerability is straightforward to exploit in local attack scenarios. No privileges or user interaction are required, and the attack vector is entirely local. However, exploitation is not currently listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, suggesting no widespread in-the-wild exploitation has been documented at the time of publication. Nonetheless, the low barrier to entry makes this a high-priority fix in environments where developer machines are at elevated risk.

Remediation

Apply security patches from Microsoft as soon as they become available. Verify patch availability through the Visual Studio Code release notes and GitHub Copilot security advisories. In parallel, implement compensating controls: enforce strong filesystem permissions and access controls on development machines, restrict local account creation, enable audit logging of file access within VS Code workspaces, and consider disabling Copilot features in high-risk environments pending patch deployment.

Patch guidance

Monitor Microsoft's official security advisories and Visual Studio Code GitHub repository for patched versions. Update VS Code to the latest stable release and ensure GitHub Copilot extension is current. Test patches in a staging environment before broad deployment to confirm no functionality regression in your CI/CD pipelines or development workflows. Prioritize patching shared development machines and CI/CD agents first.

Detection guidance

Monitor filesystem access logs for unusual path traversal patterns in directories where VS Code stores configuration, cache, and Copilot settings. Look for processes spawned by VS Code or Copilot attempting to access files outside their intended workspace. Endpoint Detection and Response (EDR) solutions should flag suspicious file access by these applications, especially attempts to read files containing credentials or source code. Review audit logs for unauthorized access to restricted directories on developer workstations.

Why prioritize this

This vulnerability merits immediate attention due to its high CVSS score (8.4), the absence of privilege requirements, and the absence of user interaction—hallmarks of easily exploitable flaws. The attack surface is local but significant in shared or potentially compromised development environments. Although not yet in the KEV catalog, the security feature bypass nature and high confidentiality impact make it a prime target for targeted attacks against development infrastructure. Organizations should prioritize patching within 30 days.

Risk score, explained

The CVSS 3.1 score of 8.4 reflects the combination of high impact (full confidentiality, integrity, and availability compromise) and a low attack complexity (local access without privileges or user interaction). The vulnerability does not affect system confidentiality at a network level, but the local impact is severe, particularly in shared or compromised endpoint scenarios. The high score underscores the need for rapid remediation in development environments.

Frequently asked questions

Can this vulnerability be exploited remotely?

No. This is a local attack vector (AV:L), meaning the attacker must already have access to the system where VS Code or Copilot is installed. Remote exploitation is not possible, but any threat actor with local access—including malware, a compromised account, or an insider—can potentially exploit it.

Does the vulnerability require VS Code to be running when exploited?

The vulnerability enables bypassing a local security feature, but the specific conditions for exploitation depend on how the path traversal is triggered. Review the vendor security advisory for precise technical requirements, including whether the application must be active or whether the flaw can be triggered through file system state alone.

Is this vulnerability actively being exploited in the wild?

As of the publication date, this vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, indicating no widespread in-the-wild exploitation has been publicly documented. However, this does not guarantee the vulnerability will remain unexploited; prompt patching is essential.

What should development teams do immediately?

First, patch VS Code and GitHub Copilot to the latest versions as soon as they are available. Second, enforce strong access controls on development machines, including filesystem permissions, multi-factor authentication, and audit logging. Third, consider temporarily disabling Copilot features in high-risk development environments if patches are delayed. Monitor your development fleet for suspicious file access patterns using EDR or SIEM tools.

This analysis is provided for informational purposes and reflects the state of the vulnerability at publication. Patch version numbers, vendor advisories, and exploitation timelines are subject to change; always consult official Microsoft and GitHub security advisories for authoritative remediation steps. Organizations should validate patch compatibility with their specific VS Code configurations and workflows before broad deployment. SEC.co does not provide exploit code or weaponized proof-of-concept details. Source: NVD (public-domain), retrieved 2026-07-16. Analysis generated by SEC.co (claude-haiku-4-5).