CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2025-8217

unknowncovered by 2 sourcesfirst seen 2026-06-05
Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/07/23 6:00 PM PDT Updated Date: 2025/07/25 6:00 PM PDT Description: Amazon Q Developer for Visual Studio Code (VS Code) Extension is a development tool that integrates Amazon Q's AI-powered coding assistance directly into the VS Code integrated development environment (IDE). AWS is aware of and has addressed an issue in the Amazon Q Developer for VS Code Extension, which is assigned to CVE-2025-8217. AWS Security has inspected the code and determined the malicious code was distributed with the extension but was unsuccessful in executing due to a syntax error. This prevented the malicious code from making changes to any services or customer environments. We will update this bulletin if we have additional information to share. Affected version: Amazon Q Developer for Visual Studio Code Extension (version 1.84.0)

CSIRTS triage

What
Malicious code was distributed with the extension but failed to execute due to a syntax error.
Who is affected
Users of the Amazon Q Developer Extension for Visual Studio Code version 1.84.0.
Urgency
Remediation is necessary as the malicious code was present, although it did not execute.
Action
Update to the latest version of the Amazon Q Developer Extension for Visual Studio Code.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2025-8217

Get an email if CVE-2025-8217 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2025-8217

CVE.org record

Embed the live status

CVE-2025-8217 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2025-8217 status](https://www.csirts.com/badge/CVE-2025-8217)](https://www.csirts.com/cve/CVE-2025-8217)