โ† Back to Dashboard

CVE-2026-44466

HIGH NVD
CVSS Score
8.6
Severity
HIGH
Source
NVD
Published
May 28, 2026
Description

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowlisted command like echo. This vulnerability is fixed in 0.229.0.

View Full Details โ† Back