Microsoft Visual Studio 2022 Version 17.13 vulnerabilities
8 known vulnerabilities affecting microsoft/microsoft_visual_studio_2022_version_17.13.
Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH7MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-32702HIGHCVSS 7.8≥ 17.13.0, < 17.13.72025-05-13
CVE-2025-32702 [HIGH] CWE-77 CVE-2025-32702: Improper neutralization of special elements used in a command ('command injection') in Visual Studio
Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an unauthorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-26646HIGHCVSS 8.0≥ 17.13.0, < 17.13.72025-05-13
CVE-2025-26646 [HIGH] CWE-73 CVE-2025-26646: External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allo
External control of file name or path in .NET, Visual Studio, and Build Tools for Visual Studio allows an authorized attacker to perform spoofing over a network.
cvelistv5nvd
CVE-2025-32703MEDIUMCVSS 5.5≥ 17.13.0, < 17.13.72025-05-13
CVE-2025-32703 [MEDIUM] CWE-200 CVE-2025-32703: Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclos
Insufficient granularity of access control in Visual Studio allows an authorized attacker to disclose information locally.
cvelistv5nvd
CVE-2025-29804HIGHCVSS 7.3≥ 17.13.0, < 17.13.62025-04-08
CVE-2025-29804 [HIGH] CWE-284 CVE-2025-29804: Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally
Improper access control in Visual Studio allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-26682HIGHCVSS 7.5≥ 17.13.0, < 17.13.62025-04-08
CVE-2025-26682 [HIGH] CWE-770 CVE-2025-26682: Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
cvelistv5nvd
CVE-2025-24070HIGHCVSS 7.0≥ 17.13.0, < 17.13.32025-03-11
CVE-2025-24070 [HIGH] CWE-1390 CVE-2025-24070: Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate p
Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network.
cvelistv5nvd
CVE-2025-24998HIGHCVSS 7.3≥ 17.13.0, < 17.13.32025-03-11
CVE-2025-24998 [HIGH] CWE-427 CVE-2025-24998: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privilege
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-25003HIGHCVSS 7.3≥ 17.13.0, < 17.13.32025-03-11
CVE-2025-25003 [HIGH] CWE-427 CVE-2025-25003: Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privilege
Uncontrolled search path element in Visual Studio allows an authorized attacker to elevate privileges locally.
cvelistv5nvd