CVE-2021-26700 (Note: this manual is valid for DSNS lab's members only) Intruduction This is a remote code execution (RCE) vulnerability that resided in an extension of Visual Studio Code (VS Code) called npm, which was developed by Microsoft and was aimed to support running the npm scripts defined in the packagejson file To exploit this vulnerability, the attacker migh