Skip to main content

Visual Studio EUVDEUVD-2026-44356

| CVE-2026-47305 HIGH
Protection Mechanism Failure (CWE-693)
2026-07-14 microsoft GHSA-5q8c-4c69-36xr
7.8
CVSS 3.1 · Vendor: microsoft
Temporal: 6.8
Share

Severity by source

Vendor (microsoft) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
ENISA EUVD
HIGH
qualitative
CIRCL (temporal)
6.8 MEDIUM
cvss
vuln.today AI
7.8 HIGH

Local IDE flaw requiring the victim to open crafted content (AV:L, UI:R) with no prior privileges (PR:N), yielding full local code execution and high C/I/A in an unchanged scope.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (microsoft).

CVSS VectorVendor: microsoft

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Analysis Generated
Jul 14, 2026 - 20:09 vuln.today
CVE Published
Jul 14, 2026 - 18:45 nvd
HIGH 7.8

DescriptionCVE.org

Protection mechanism failure in Visual Studio allows an unauthorized attacker to execute code locally.

AnalysisAI

Local code execution in Microsoft Visual Studio (2022 versions 17.12 and 17.14, and 2026 version 18.7) stems from a protection mechanism failure that lets an unauthorized attacker run arbitrary code once a victim is convinced to open or interact with a malicious project, file, or solution. Microsoft has published a fix, but there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious VS project/solution
Delivery
Deliver via repo, PR, or phishing
Exploit
Developer opens file in Visual Studio
Execution
Protection mechanism bypassed
Impact
Arbitrary code executes as user

Vulnerability AssessmentAI

Exploitation Exploitation requires local access and mandatory user interaction (CVSS UI:R): the victim must open or load attacker-supplied content - a crafted project, solution, or file - in an affected Visual Studio build (2022 17.12, 2022 17.14, or 2026 18.7). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, 7.8 High) signals that exploitation is local and requires user interaction (UI:R) - typically opening a crafted project or file - but needs no prior privileges (PR:N) and has low attack complexity, yielding full C/I/A impact within an unchanged scope. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker crafts a malicious Visual Studio project or solution and delivers it to a developer via a phishing email, a pull request, a shared repository, or a downloaded code sample. When the developer opens the project in an affected Visual Studio build, the failed protection mechanism is bypassed and attacker-controlled code executes locally in the developer's context. …
Remediation Patch available per vendor advisory: apply the servicing update for your channel from the MSRC guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47305, which covers Visual Studio 2022 17.12, 2022 17.14, and 2026 18.7 - install the update through the Visual Studio Installer or your managed update process and confirm the build number matches the advisory's fixed version. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all instances of affected Visual Studio versions (2022 versions 17.12 and 17.14, 2026 version 18.7) and communicate risk to development teams with guidance to avoid opening untrusted projects pending remediation. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-32177 HIGH POC
7.3 May 12

Local privilege escalation in Microsoft .NET Framework (versions 3.5 through 10.0) and Visual Studio 2017 occurs through

CVE-2026-47303 HIGH
8.8 Jul 14

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged

CVE-2026-47300 HIGH
8.8 Jul 14

Privilege elevation in ASP.NET Core (bundled with .NET 8.0, 9.0, and 10.0) lets an already-authenticated, low-privileged

CVE-2026-32175 MEDIUM POC
4.3 May 12

A tampering vulnerability exists when .NET Core improperly handles specially crafted files. An attacker who successfully

CVE-2026-50528 HIGH
8.2 Jul 14

Security feature bypass in Microsoft .NET (versions 8.0, 9.0, and 10.0) lets a remote, unauthenticated attacker circumve

CVE-2026-47304 HIGH
8.1 Jul 14

Security feature bypass in Microsoft .NET (shipped via Visual Studio 2022 17.12/17.14 and Visual Studio 2026 18.7) lets

CVE-2026-50646 HIGH
7.8 Jul 14

Local code execution in Microsoft .NET (Framework 3.5 through 4.8.1, .NET 8.0/9.0, and Visual Studio 2022/2026) arises f

CVE-2026-50649 HIGH
7.8 Jul 14

Local code execution in Microsoft .NET 8.0 and 9.0 (and bundled Visual Studio 2022/2026 toolchains) arises from unsafe d

CVE-2026-50650 HIGH
7.8 Jul 14

Local privilege elevation in Microsoft .NET Framework (and .NET 8.0/9.0 plus Visual Studio 2022/2026) via code injection

CVE-2026-47302 HIGH
7.5 Jul 14

Denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) and the legacy .NET Framework (3.5 through 4.8.1) allo

CVE-2026-50524 HIGH
7.5 Jul 14

Remote denial of service in Microsoft .NET (versions 8.0, 9.0, and 10.0) allows an unauthenticated network attacker to c

CVE-2026-50651 HIGH
7.5 Jul 14

Network denial of service in Microsoft .NET 8.0, 9.0, and 10.0 (and the corresponding Visual Studio 2022/2026 tooling) a

Share

EUVD-2026-44356 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy