microsoft visual_studio_2022 CVE Vulnerabilities (137)

CVEs: 137 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting microsoft visual_studio_2022 (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 2140 of 137 CVEs
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-21256 Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code over a network. [email protected] 8.8 1.10% 2026-02-10 2026-06-17
CVE-2025-62214 Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. [email protected] 6.7 0.96% 2025-11-11 2026-06-17
CVE-2025-55315 Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network. [email protected] 9.9 65.84% 2025-10-14 2026-06-17
CVE-2025-55248 Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network. [email protected] 4.8 0.68% 2025-10-14 2026-06-17
CVE-2025-55240 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. [email protected] 7.3 0.34% 2025-10-14 2026-06-17
CVE-2025-53773 Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally. [email protected] 7.8 2.56% 2025-08-12 2026-06-17
CVE-2025-49739 Improper link resolution before file access ('link following') in Visual Studio allows an unauthorized attacker to elevate privileges over a network. [email protected] 8.8 0.77% 2025-07-08 2026-06-17
CVE-2025-47959 Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code over a network. [email protected] 7.1 5.81% 2025-06-12 2026-06-17
CVE-2025-30399 Untrusted search path in .NET and Visual Studio allows an unauthorized attacker to execute code over a network. [email protected] 7.5 0.89% 2025-06-12 2026-06-17
CVE-2025-26646 External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network. [email protected] 8.0 1.06% 2025-05-13 2026-06-17
CVE-2025-32703 Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally. [email protected] 5.5 0.43% 2025-05-13 2026-06-17
CVE-2025-32702 Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally. [email protected] 7.8 0.53% 2025-05-13 2026-06-17
CVE-2025-29804 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. [email protected] 7.3 1.23% 2025-04-08 2026-06-17
CVE-2025-29802 Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally. [email protected] 7.3 0.85% 2025-04-08 2026-06-17
CVE-2025-26682 Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. [email protected] 7.5 1.54% 2025-04-08 2026-06-17
CVE-2025-25003 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. [email protected] 7.3 0.42% 2025-03-11 2026-06-17
CVE-2025-24998 Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally. [email protected] 7.3 0.42% 2025-03-11 2026-06-17
CVE-2025-24070 Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. [email protected] 7.0 0.91% 2025-03-11 2026-06-17
CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability [email protected] 7.3 0.68% 2025-02-11 2026-06-17
CVE-2025-21405 Visual Studio Elevation of Privilege Vulnerability [email protected] 7.3 0.51% 2025-01-14 2026-06-17
cvelogic Threat Intelligence