An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1414