CVE Vulnerabilities

CVE-2025-49714

Trust Boundary Violation

Published: Jul 08, 2025 | Modified: Jul 16, 2025

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Vulnerability-free packages from our partners

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-49714
CWE	https://cwe.mitre.org/data/definitions/501.html

Trust boundary violation in Visual Studio Code - Python extension allows an unauthorized attacker to execute code locally.

Weakness

The product mixes trusted and untrusted data in the same data structure or structured message.

Affected Software

Name	Vendor	Start Version	End Version
Python	Microsoft	*	2025.8.1 (excluding)

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49714

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.