An issue in the code-runner.executorMap setting of Visual Studio Code Extensions Code Runner v0.12.2 allows attackers to execute arbitrary code when opening a crafted workspace.Referenceshttps://github.com/formulahendry/vscode-code-runnerhttps://www.ox.security/blog/cve-2025-65715-code-runner-vscode-rce/