VS Code Bug Lets Attackers Steal GitHub Tokens With A Single Click

The unpatched vulnerability in github.dev lets a single malicious link exfiltrate a GitHub OAuth token with full access to all of a victim's repositories, including private ones.

Published on Jun 3, 2026
Researcher Publishes Working GitHub Token Exploit After MSRC Silent-Fixed a Previous Bug Without Credit

A security researcher has publicly disclosed an unpatched Visual Studio Code vulnerability that lets an attacker steal a victim’s GitHub authentication token with a single link click.

The researcher said he chose full disclosure over private reporting because of past frustrations with Microsoft’s security response process.

A Token With Keys to Every Repo

Researcher Ammar Askar detailed the flaw on June 2, along with a working Proof-of-Concept (PoC). The bug impacts github.dev, the browser-based version of VS Code that GitHub serves when a user opens a repository in the web editor.

To let that editor act on the user’s behalf, GitHub passes it an OAuth token that, as Askar noted, is not limited to the repository being viewed. In his words, it “has full access to every other repo that you have access to.” This includes private repositories.

The attack abuses the way VS Code’s sandboxed in-browser components communicate with the main editor, letting attacker-controlled content act as though the user were issuing commands.

Chained together, those actions let the attacker install a malicious extension that reads the token and queries the GitHub API to list every private repository the victim can reach. At the time of writing, the flaw is unpatched and has no CVE.

Risk Reduction and Disclosure Frustration

Because there is no fix, the practical defense is to cut off the token the attack relies on. Askar noted that clearing cookies and local site data for github.dev forces a sign-in prompt the next time the site loads, giving a target the chance to spot something wrong and leave before any token is exposed.

Organizations can further limit exposure by favoring narrowly scoped GitHub tokens and monitoring GitHub logs for unusual OAuth activity.
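A practical way to act on that advice is to audit what a given token can actually reach before trusting it. The script below is an added example written for this article, not code from Askar's PoC, from GitHub, or from Microsoft. It reads the `X-OAuth-Scopes` header that GitHub returns for OAuth tokens and classic personal access tokens (fine-grained tokens omit it), walks every page of `/user/repos?visibility=private`, and flags any private repository beyond the one a github.dev session was opened on; the function names `parse_scopes`, `next_page`, `overreach` and `fetch_private_repos` are this example's own, and the sample repository list in the usage notes is constructed.

```python
"""Audit what a GitHub OAuth token or classic PAT can actually reach.

Added example (not from the article or Askar's PoC): lists the token's
declared scopes and every private repository it can enumerate, then flags
anything beyond the single repository a github.dev session was opened on.
"""
import json
import os
import re
import sys
import urllib.request

API = "https://api.github.com"  # public GitHub REST endpoint


def parse_scopes(headers):
    """Return the scopes declared in X-OAuth-Scopes (OAuth apps / classic PATs).

    Fine-grained PATs do not send this header, so an empty list means
    'not reported', not 'no access'.
    """
    raw = headers.get("X-OAuth-Scopes") or ""
    return [s.strip() for s in raw.split(",") if s.strip()]


def next_page(headers):
    """Extract the rel="next" URL from a GitHub Link header, or None."""
    for part in (headers.get("Link") or "").split(","):
        m = re.match(r'\s*<([^>]+)>;\s*rel="next"', part)
        if m:
            return m.group(1)
    return None


def overreach(repos, viewed_full_name):
    """Private repos the token can list other than the one the user opened.

    `repos` is the parsed JSON from /user/repos; `viewed_full_name` is the
    'owner/name' of the repository opened in github.dev. Anything else the
    token can enumerate is access the editor session did not need.
    """
    return sorted(
        r["full_name"] for r in repos
        if r.get("private") and r["full_name"] != viewed_full_name
    )


def fetch_private_repos(token):
    """Walk all pages of /user/repos?visibility=private with the given token."""
    url = f"{API}/user/repos?visibility=private&per_page=100"
    repos, scopes = [], None
    while url:
        req = urllib.request.Request(url, headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
            "User-Agent": "token-audit",
        })
        with urllib.request.urlopen(req) as resp:
            if scopes is None:
                scopes = parse_scopes(resp.headers)
            repos.extend(json.load(resp))
            url = next_page(resp.headers)
    return scopes, repos


if __name__ == "__main__":
    tok = os.environ.get("GITHUB_TOKEN")
    if not tok:
        sys.exit("set GITHUB_TOKEN to the token you want to audit")
    viewed = sys.argv[1] if len(sys.argv) > 1 else ""
    scopes, repos = fetch_private_repos(tok)
    print("declared scopes:", scopes or "(none reported; fine-grained PAT?)")
    print("private repos reachable:", len(repos))
    for name in overreach(repos, viewed):
        print("  beyond", viewed or "<none>", "->", name)
```

Run it as `GITHUB_TOKEN=... python audit.py owner/repo`. A token that is safe to hand to a single-repository editor session should produce an empty "beyond" list; a `repo`-scoped OAuth token of the kind the article describes will instead enumerate every private repository the account can see. With a constructed list such as `[{"full_name": "alice/demo", "private": True}, {"full_name": "alice/secret", "private": True}]`, `overreach(repos, "alice/demo")` returns `["alice/secret"]`.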

Askar said he gave a GitHub security contact about an hour’s notice before publishing but framed the release as deliberate full disclosure, citing a previous case in which he said the Microsoft Security Response Center (MSRC) silently fixed a VS Code bug without credit and dismissed its security impact.

The disclosure follows a wider run of zero-days dropped outside coordinated channels by researchers with similar grievances. A researcher using the handle Nightmare Eclipse recently published a series of Windows and Defender zero-days, several now exploited in the wild.

On that occasion, Microsoft responded by reaffirming coordinated disclosure and signaling it would work with law enforcement against actors causing real harm.

Microsoft responded to Expert Insights’ request for comment but did not have further information to share at the time of publication.