1. VS Code 1.109.0 Remote Code Execution Flaw: Workspace Trust Bypass for MCP Servers
A critical remote code execution vulnerability in Microsoft's Visual Studio Code editor exposes developers to potential attacks through a bypass of its workspace trust mechanism. The flaw, present in VS Code version 1.109.0 and earlier, allows malicious code to be executed because the editor did not consistently demand...