CVE-2026-25931
Published: 09 February 2026
Summary
CVE-2026-25931 is a high-severity Incorrect Default Permissions (CWE-276) vulnerability attributed to Google (vendor inferred from references). Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 6.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-11 (User-installed Software) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): requires timely identification, reporting, and patching of flaws such as the improper handling of cSpell.trustedWorkspace in vscode-spell-checker prior to v4.5.4, directly enabling the update to the fixed version.
- SI-10 (Information Input Validation): mandates validation of untrusted configuration inputs such as cSpell.trustedWorkspace against the VS Code workspace-trust state, blocking execution of malicious JavaScript config files.
- CM-11 (User-installed Software): enforces organizational policies to restrict or monitor user installation of VS Code extensions such as vscode-spell-checker, preventing deployment of vulnerable versions.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability bypasses VS Code workspace trust to execute attacker-controlled .cspell.config.js/.ts files (Node.js) when the user opens a malicious workspace or file, directly enabling T1204.002 (Malicious File) for initial access and T1059.007 (JavaScript) for code execution.
NVD Description
vscode-spell-checker is a basic spell checker that works well with code and documents. Prior to v4.5.4, DocumentSettings._determineIsTrusted treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. The value defaults to true (package.json) and is read from workspace configuration each time settings are fetched. The code coerces any truthy value to true and forwards it to ConfigLoader.setIsTrusted, which in turn allows JavaScript/TypeScript configuration files (.cspell.config.js/.mjs/.ts, etc.) to be located and executed. Because no VS Code workspace-trust state is consulted, an untrusted workspace can keep the flag true and place a malicious .cspell.config.js; opening the workspace causes the extension host to execute attacker-controlled Node.js code with the user’s privileges. This vulnerability is fixed in v4.5.4.
Deeper analysis
CVE-2026-25931 affects the vscode-spell-checker extension for Visual Studio Code, versions prior to 4.5.4. The vulnerability stems from the DocumentSettings._determineIsTrusted function, which treats the configuration value cSpell.trustedWorkspace as the authoritative trust flag. This value defaults to true in package.json and is read from workspace configuration each time settings are fetched. The code coerces any truthy value to true and passes it to ConfigLoader.setIsTrusted, enabling the location and execution of JavaScript or TypeScript configuration files such as .cspell.config.js, .mjs, or .ts, without consulting VS Code's workspace-trust state.
An attacker can exploit this by crafting a malicious workspace in which cSpell.trustedWorkspace is set to true and a malicious .cspell.config.js file is included. A user with local access (AV:L) must open the workspace (UI:R), at which point the extension host executes the attacker-controlled Node.js code with the user's privileges. No special privileges are required (PR:N), and successful exploitation yields high confidentiality, integrity, and availability impact (C:H/I:H/A:H), consistent with the CVSS 3.1 base score of 7.8. The issue relates to CWE-276 (Incorrect Default Permissions), CWE-807 (Untrusted Input to Unsafe Function), and CWE-829 (Inclusion of Functionality from Untrusted Control Sphere).
The vulnerability is fixed in vscode-spell-checker version 4.5.4. The GitHub security advisory (GHSA-mggq-68mr-58vj) and release notes detail the patch, with the specific commit f39af9a3a6f2a939a57171a24161ed735d41c575 implementing the correction to properly respect VS Code's workspace-trust state. Security practitioners should update to v4.5.4 or later and review workspaces for suspicious .cspell config files.
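The trust decision described in the NVD description and the analysis above, modelled as an added example (not the extension's own code, and not the advisory's patch): the pre-4.5.4 shape coerces any truthy setting value, while the hardened shape treats the editor's workspace-trust state as the ceiling. Function names, the data-only config file list and the workspace contents are constructed for illustration; `workspaceIsTrusted` stands in for the value VS Code exposes as `vscode.workspace.isTrusted`.

```typescript
// Config file kinds cspell may search for. Only the script kinds run code.
// Script names come from the advisory text; the data-only list is illustrative.
const DATA_CONFIG_FILES = ["cspell.json", ".cspell.json"];
const SCRIPT_CONFIG_FILES = [".cspell.config.js", ".cspell.config.mjs", ".cspell.config.ts"];

// Pre-4.5.4 behaviour as described: any truthy setting value becomes the trust
// flag, and the editor's workspace-trust state is never consulted.
function determineIsTrustedVulnerable(settingValue: unknown): boolean {
  return !!settingValue;
}

// Hardened shape (hypothetical): workspace trust is the ceiling. The setting
// may opt out of script configs but can never opt in from an untrusted folder.
// `workspaceIsTrusted` would be read from vscode.workspace.isTrusted.
function determineIsTrustedHardened(settingValue: unknown, workspaceIsTrusted: boolean): boolean {
  if (!workspaceIsTrusted) {
    return false;
  }
  return settingValue === true;
}

// Given the trust decision, which of the workspace's config files the loader
// would be allowed to pick up. Script files are eligible only when trusted.
function loadableConfigFiles(workspaceFiles: string[], isTrusted: boolean): string[] {
  const allowed = isTrusted ? [...DATA_CONFIG_FILES, ...SCRIPT_CONFIG_FILES] : DATA_CONFIG_FILES;
  return workspaceFiles.filter((f) => allowed.includes(f));
}

// Constructed scenario: an untrusted workspace that ships both the setting
// override and a script config. Returns what each variant would load.
function scenario(): { vulnerable: string[]; hardened: string[] } {
  const workspaceSettings: Record<string, unknown> = { "cSpell.trustedWorkspace": true };
  const workspaceFiles = ["README.md", ".cspell.config.js", "cspell.json"];
  const workspaceIsTrusted = false; // the user has not trusted this folder

  const v = determineIsTrustedVulnerable(workspaceSettings["cSpell.trustedWorkspace"]);
  const h = determineIsTrustedHardened(workspaceSettings["cSpell.trustedWorkspace"], workspaceIsTrusted);
  return {
    vulnerable: loadableConfigFiles(workspaceFiles, v),
    hardened: loadableConfigFiles(workspaceFiles, h),
  };
}
```

In the scenario the vulnerable path would load the script config from an untrusted folder, while the hardened path loads only the data file; the same split is a useful review check when auditing extensions that load executable configuration from the workspace.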
Details
- CWE(s)