There is a security vulnerability in the untrusted workspaces flow with specially crafted workspaces. ### Patches The fix is available starting with 2025.8.1 fix is: https://github.com/microsoft/vscode-python/commit/5e64d0e3963b63511a41346b88f140d5d7b684b7 ### Workarounds Check for python executables checked-into SCM before opening untrusted workspaces. ### References * The patch for this can be found at https://github.com/microsoft/vscode-python/commit/5e64d0e3963b63511a41346b88f140d5d7b684b7 * MSRC details for this can be found at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49714 * Security advisory: https://github.com/microsoft/vscode-python/security/advisories/GHSA-3jg7-gmqj-5gx7
There is a security vulnerability in the untrusted workspaces flow with specially crafted workspaces.
Patches
The fix is available starting with 2025.8.1 fix is: 5e64d0e
Workarounds
Check for python executables checked-into SCM before opening untrusted workspaces.
References