Unrated severityNVD Advisory· Published Nov 11, 2025· Updated Feb 13, 2026
Microsoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass Vulnerability
CVE-2025-62449
Description
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code CoPilot Chat Extension allows an authorized attacker to bypass a security feature locally.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 0.27.0
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62449mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.