57 matches found
CVE-2026-42850
A flaw was found in Kitty, a cross-platform GPU based terminal. A remote attacker could exploit this vulnerability by sending a specially crafted escape code to a victim who is connected to the attacker via a program like netcat. This escape code triggers an unescaped error that is then executed ...
Linux Distros Unpatched Vulnerability : CVE-2026-42850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special...
CVE-2026-42850
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...
DEBIAN-CVE-2026-42850
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...
CVE-2026-42850 Kitty has a shell command injection
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...
CVE-2026-42850
CVE-2026-42850 affects the Kitty terminal (GPU-based, cross-platform). In versions prior to 0.47.0, an injection is possible through a crafted kitty error that is echoed back to the terminal with CRLF and executed by the user’s shell. The attack requires the victim to connect to the attacker (e.g...
CVE-2026-42850 Kitty has a shell command injection
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...
EUVD-2020-14580
Malware in sbrugna...
EUVD-2017-16503
Malware in sbrugna...
EUVD-2025-10005
Malicious code in bioql PyPI...
EUVD-2023-54425
Malicious code in bioql PyPI...
EUVD-2025-13516
Malicious code in bioql PyPI...
EUVD-2024-29362
Malicious code in bioql PyPI...
CVE-2024-31482
An unauthenticated Denial-of-Service DoS vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point...
CVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value...
CVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value...
CVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value...
CVE-2025-21475
CVE-2025-21475 describes memory corruption in Qualcomm chipsets when handling an escape code, triggered by passing a large unsigned value for DisplayId . Affected software/hardware: Qualcomm chipsets (details not expanded in provided documents). The root cause is memory corruption in the escape c...
PT-2025-19883 · Qualcomm · Snapdragon +34
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption that occurs while processing an escape code. This happens when the DisplayId is passed with a large unsigned value. Recommendations: At the moment,...
CVE-2025-21421
Memory corruption while processing escape code in API...