Lucene search
+L

4 matches found

NVD
NVD
added 2026/06/12 8:16 p.m.14 views

CVE-2026-42851

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, an issue body in a TUI, etc. — can cause kitty to execute...

7.8CVSS0.00164EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.18 views

PT-2026-48968

Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.0 Description A flaw allows a program capable of writing bytes to the terminal—such as a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, or an issue body in a TUI—to...

7.8CVSS5.8AI score0.00164EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/19 6:4 p.m.15 views

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.8AI score0.00286EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/19 5:36 p.m.45 views

CVE-2026-33633 Kitty has a Heap Buffer Overflow in its Graphics Protocol Handler

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

7.5CVSS0.00367EPSS
Exploits1References2
Rows per page
Query Builder