{"id":216965,"date":"2026-02-19T05:45:00","date_gmt":"2026-02-19T10:45:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/19\/flaws-in-popular-ide-extensions-allow-data-exfiltration\/"},"modified":"2026-02-24T12:30:11","modified_gmt":"2026-02-24T17:30:11","slug":"flaws-in-popular-ide-extensions-allow-data-exfiltration","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/19\/flaws-in-popular-ide-extensions-allow-data-exfiltration\/","title":{"rendered":"Flaws in Popular IDE Extensions Allow Data Exfiltration"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/vulnerabilities-vs-code-cursor\/\">Flaws in Popular IDE Extensions Allow Data Exfiltration<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/vulnerabilities-vs-code-cursor\/\">https:\/\/www.infosecurity-magazine.com\/news\/vulnerabilities-vs-code-cursor\/<\/a><\/p>\n<p>Publish Date: 2026-02-19 05:45:00<\/p>\n<p>Source Domain: <a href=\"https:\/\/www.infosecurity-magazine.com\/\">www.infosecurity-magazine.com<\/a><\/p>\n<p>Researchers at OX Security have detected four vulnerabilities in three of the most popular integrated development environments (IDEs) that could lead to cyber-attacks.<\/p>\n<p>In a report published on February 17, OX Security shared details about the four new flaws, including two high-severity and one critical, affecting Microsoft Visual Studio Code (VS Code).<\/p>\n<p>These vulnerabilities also impact Cursor and Windsurf, two forks of VS Code that provide AI-assisted software development tools (aka \u2018vibe coding\u2019 platforms).<\/p>\n<p>The affected extensions were collectively downloaded over 128 million times.<\/p>\n<p>The researchers warned that despite disclosing the vulnerabilities to these platforms\u2019 maintainers in July and August 2025 through multiple channels, including direct email, their GitHub pages and social networks, none have yet 
responded.<\/p>\n<p>Three of the vulnerabilities were disclosed by MITRE on February 16 and allocated a common vulnerabilities and exposures (CVE) identifier.<\/p>\n<h2><strong>Vulnerabilities Affecting VS Code and \u2018Vibe Coding\u2019 Forks<\/strong><\/h2>\n<p>The vulnerabilities described include:<\/p>\n<ul>\n<li>CVE-2025-65717 (CVSS v3.1 score: 9.1) is a vulnerability in the Live Server extension for VS Code \u2013 with over 72 million downloads \u2013 that allows a remote, unauthenticated attacker to exfiltrate files from a developer\u2019s local machine. OX Security warned that attackers only need to send a malicious link to the victim while Live Server is running in the background to exploit the flaw<\/li>\n<li>CVE-2025-65716 (CVSS v3.1 score: 8.8) is a vulnerability in Markdown Preview Enhanced, a VS Code extension with over 8.5 million downloads designed to provide a richer Markdown authoring experience. It allows attackers to exploit how Markdown files preview HTML tags in order to execute arbitrary JavaScript code, which is able to communicate with localhost, allowing maliciously crafted Markdown files to scan the current local network and exfiltrate data to a remote server<\/li>\n<li>CVE-2025-65715 (CVSS v3.1 score: 7.8) is a&#8230;<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/vulnerabilities-vs-code-cursor\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Flaws in Popular IDE Extensions Allow Data Exfiltration https:\/\/www.infosecurity-magazine.com\/news\/vulnerabilities-vs-code-cursor\/ Publish Date: 2026-02-19 05:45:00 Source 
Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":216966,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/f6296db0-cf32-40c8-a638-7694654e878c.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,31,27],"class_list":["post-216965","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216965"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=216965"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216965\/revisions"}],"predecessor-version":[{"id":216967,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216965\/revisions\/216967"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/216966"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=216965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=216965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=216965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}