Critical Vulns Hit 4 VS Code Extensions, 1.2B Downloads

💡1.2B-download VS Code extensions have RCE vulns—affecting Cursor—check your setup now!
⚡ 30-Second TL;DR
What Changed
4 VS Code extensions have critical vulns like RCE and file exfiltration
Why It Matters
Millions of developers using these extensions face supply chain risks, potentially compromising AI dev workflows. Highlights vulnerabilities in popular tools, urging immediate patches and ecosystem improvements.
What To Do Next
Audit your VS Code extensions for Live Server and disable any of the 4 vulnerable ones immediately.
🧠 Deep Insight
Web-grounded analysis with 9 cited sources.
🔑 Enhanced Key Takeaways
- OX Security disclosed critical vulnerabilities in four VS Code extensions—Live Server (CVE-2025-65717, CVSS 9.1, 72M+ downloads), Code Runner (CVE-2025-65715, CVSS 7.8, 37M downloads), Markdown Preview Enhanced (CVE-2025-65716, CVSS 8.8, 8.5M downloads), and Microsoft Live Preview (no CVE, 11M+ downloads)—totaling over 125-128 million installs, enabling file exfiltration, RCE, and network reconnaissance[1][2][3][4][5].
- Exploits rely on social engineering: tricking developers into visiting malicious websites while extensions run localhost servers (e.g., Live Server at port 5500), opening crafted Markdown files, or applying malicious settings.json configs[1][2][3][4][5].
- Vulnerabilities affect VS Code, Cursor, and Windsurf AI IDEs; three remain unpatched as maintainers did not respond to disclosures since June 2025, while Microsoft silently fixed Live Preview in v0.4.16 (September 2025)[1][3][4][5].
- Attack tactics include TA0009 (Collection), TA0007 (Discovery), TA0002 (Execution), risking theft of API keys, configs, and network pivoting[2][3].
- Mitigations: Disable unnecessary extensions, avoid untrusted links/configs/Markdown while servers run, update regularly, firewall localhost, monitor settings[3][4].
🛠️ Technical Deep Dive
- CVE-2025-65717 (Live Server v5.7.9): JavaScript on a malicious webpage talks to the extension's HTTP server on localhost:5500 to recursively enumerate and exfiltrate files[1][2][8].
- CVE-2025-65715 (Code Runner): Social engineering gets a developer to apply a settings.json that makes the extension execute arbitrary commands[2][3].
- CVE-2025-65716 (Markdown Preview Enhanced): A malicious Markdown file renders attacker-controlled HTML/JS in the preview, which scans local network ports and exfiltrates data[1][2][3].
- Microsoft Live Preview (pre-0.4.16): One-click XSS, where JavaScript on a malicious site targets the localhost server to enumerate and exfiltrate root files and credentials[1][3][4][5].
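The "What To Do Next" and mitigation items above reduce to two checks a developer can script: which of the four extensions are installed (and, for Live Preview, whether the version is below the 0.4.16 fix), and whether a settings.json carries Code Runner command overrides, the setting the Code Runner tactic depends on. The following Python audit is an added example, not code from the article, OX Security, or any of the extension projects. The Marketplace IDs (`ritwickdey.LiveServer`, `formulahendry.code-runner`, `shd101wyy.markdown-preview-enhanced`, `ms-vscode.live-server`), the `code-runner.executorMap` setting key, and the sample listing and settings are assumptions constructed for the example; the article itself names only the extensions' display names.

```python
"""
Added example (not from the article or the extension projects): audit the
output of `code --list-extensions --show-versions` for the four extensions
named in the write-up, and list Code Runner executor overrides in a
settings.json. Marketplace IDs and the code-runner.executorMap key are
assumptions taken from the VS Code Marketplace, not from the article.
"""
import json
import re

# Assumed Marketplace IDs (publisher.name, lower-cased) -> (display name,
# CVE from the article, first fixed version). The article reports only Live
# Preview as fixed (v0.4.16); the other three are unpatched, so every version
# of those is flagged.
VULNERABLE = {
    "ritwickdey.liveserver": ("Live Server", "CVE-2025-65717", None),
    "formulahendry.code-runner": ("Code Runner", "CVE-2025-65715", None),
    "shd101wyy.markdown-preview-enhanced": ("Markdown Preview Enhanced", "CVE-2025-65716", None),
    "ms-vscode.live-server": ("Microsoft Live Preview", None, (0, 4, 16)),
}


def parse_version(text):
    """Turn '0.4.15' into (0, 4, 15); non-numeric parts are ignored."""
    return tuple(int(p) for p in re.findall(r"\d+", text))


def audit_extensions(listing):
    """Parse `code --list-extensions --show-versions` output (one
    publisher.name@version per line) and return the affected entries."""
    findings = []
    for line in listing.splitlines():
        line = line.strip()
        if not line or "@" not in line:
            continue
        ext_id, _, version = line.rpartition("@")
        info = VULNERABLE.get(ext_id.lower())
        if info is None:
            continue
        name, cve, fixed_in = info
        if fixed_in is not None and parse_version(version) >= fixed_in:
            continue  # patched release, nothing to report
        findings.append({"id": ext_id, "version": version, "name": name, "cve": cve})
    return findings


def find_executor_overrides(settings_json):
    """Return the code-runner.executorMap entries from a settings.json string.
    Code Runner runs these command templates for the matching language, so an
    override arriving with an untrusted workspace or pasted config is what the
    article's settings.json tactic relies on. Strict JSON only: real settings
    files may contain comments, which json.loads rejects."""
    settings = json.loads(settings_json)
    return settings.get("code-runner.executorMap", {})


# Constructed sample input: two affected extensions, one pre-fix Live Preview,
# and one unrelated extension that must not be flagged.
SAMPLE_LISTING = """\
ritwickdey.LiveServer@5.7.9
ms-vscode.live-server@0.4.15
ms-python.python@2024.22.0
formulahendry.code-runner@0.12.2
"""

# Constructed sample settings with a harmless but unexpected executor override.
SAMPLE_SETTINGS = json.dumps({
    "editor.fontSize": 14,
    "code-runner.executorMap": {"python": "/tmp/not-python"},
})


if __name__ == "__main__":
    for f in audit_extensions(SAMPLE_LISTING):
        print(f"AFFECTED {f['name']} {f['id']}@{f['version']} {f['cve'] or '(no CVE)'}")
    for lang, cmd in find_executor_overrides(SAMPLE_SETTINGS).items():
        print(f"REVIEW code-runner.executorMap[{lang}] = {cmd!r}")
```

To run it against a real machine, replace `SAMPLE_LISTING` with the captured output of `code --list-extensions --show-versions` and `SAMPLE_SETTINGS` with the user or workspace settings.json; any reported override deserves a manual look before the next run command.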
🔮 Future Implications
AI analysis grounded in cited sources
Exposes supply chain risks in dev tools, urging stricter VS Code extension reviews, sandboxing, and defenses for AI IDEs like Cursor; highlights need for rapid patching and awareness to prevent widespread developer machine compromises and data leaks.
⏳ Timeline
📎 Sources (9)
Factual claims are grounded in the sources below. Forward-looking analysis is AI-generated interpretation.
- infosecurity-magazine.com — Vulnerabilities in VS Code and Cursor
- secpod.com — Supply Chain Risk: Critical Flaws Identified in Popular VS Code Extensions
- bleepingcomputer.com — Flaws in Popular VSCode Extensions Expose Developers to Attacks
- thehackernews.com — Critical Flaws Found in Four VS Code Extensions
- csoonline.com — Flaws in Four Popular VS Code Extensions Left 128 Million Installs Open to Attack
- esecurityplanet.com — XSS Bug in VS Code Extension Exposed Local Files
- socradar.io — VS Code Extension CVEs: RCE
- nvd.nist.gov — CVE-2025-65717
- britec.com — 7175
AI-curated news aggregator. All content rights belong to original publishers.
Original source: ITmedia AI+ (Japan)