AI description
CVE-2025-65717 is a security vulnerability identified in the Live Server extension for Visual Studio Code, affecting version 5.7.9 and potentially all versions. This flaw allows attackers to exfiltrate local files from a developer's machine. The vulnerability is exploited when a user, with the Live Server extension actively running, is enticed to visit a malicious website. Once the malicious website is accessed, embedded JavaScript within the page can crawl and extract files from the local development HTTP server that the Live Server extension operates, typically on `localhost:5500`. These stolen files can then be transmitted to a domain under the attacker's control. This issue was reported by OX Security researchers in August 2025, but as of recent reports, it remains unpatched.
- Description
- An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-79
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
33
🚨 Critical VS Code Extension Flaws Put 128M+ Installs at Risk of File Theft and Remote Code Execution High-to-critical vulnerabilities in popular VS Code extensions—Live Server (CVE-2025-65715), Code Runner (CVE-2025-65716), Markdown Preview Enhanced (CVE-2025-65717), and
@ThreatSynop
19 Feb 2026
89 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
VS Codeの人気拡張機能4つ(累計 1億2,850万インストール超 )に重大脆弱性が発見されました。 🙅 未修正 ・Live Server(72M)CVE-2025-65717(9.1) ・Markdown Preview Enhanced(8.5M) ・Code Runner(37M) 🙆♂️ 修正済み M
@shimabu_it
19 Feb 2026
47324 Impressions
45 Retweets
379 Likes
265 Bookmarks
3 Replies
5 Quotes
🚨 125M+ VS Code Installs at Risk: 4 Popular Extensions Enable File Exfiltration & Remote Code Execution OX Security disclosed high/critical flaws across Live Server (CVE-2025-65717), Code Runner (CVE-2025-65715), and Markdown Preview Enhanced (CVE-2025-65716), plus an issu
@ThreatSynop
18 Feb 2026
160 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
VSCodeの人気拡張機能複数に脆弱性。Ox Security社報告。Code Runner (CVE-2025-65715)、Markdown Preview Enhanced (CVE-2025-65716)…Markdown Preview Enhanced (CVE-2025-65717)、Microsoft Live Preview(CVE未採番)。 https://t.co/pdjft1uOcU
@__kokumoto
18 Feb 2026
1368 Impressions
3 Retweets
7 Likes
4 Bookmarks
2 Replies
0 Quotes
I disclosed these vulnerabilities and got issued 3 out of 4 CVEs CVE-2025-65715: Code Runner (37M+) CVE-2025-65716: Markdown Preview Enhanced (8.5M+) CVE-2025-65717: Live Server (72M+) No CVE (but fixed): Live Preview by Microsoft (11M+) https://t.co/herjrTX2Vx
@MosheTov
17 Feb 2026
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We Found 4 Vulnerabilities in IDE Extensions With Over 120M(!) Downloads 3 of them were issued a CVE & the only one without a CVE is the only one that was fixed.. WHAT? 😶 CVE-2025-65715: Code Runner CVE-2025-65716: Markdown CVE-2025-65717: Live Server https://t.co/herj
@MosheTov
17 Feb 2026
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-65717 File Exfiltration Vulnerability in Visual Studio Code Liv... https://t.co/wEImtW2CJx Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
16 Feb 2026
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes