EUVD-2026-35707

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...

UBUNTU-CVE-2026-44465

Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allows an attacker to achieve Remote Code Execution RCE when a victim open a folder in untrusted mode...

EUVD-2026-32937

Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allows an attacker to achieve Remote Code Execution RCE when a victim open a folder in untrusted mode...

Zed 安全漏洞

Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.227.1 contained a security vulnerability. This vulnerability stemmed from the abuse of the core.fsmonitor Git configuration option when opening folders containing malicious.git/config files. This allowed attackers to...

PT-2024-5875 · Hashicorp +2 · Go-Getter +2

Name of the Vulnerable Software and Affected Versions: HashiCorp’s go-getter library affected versions not specified Description: The issue is related to the go-getter library's handling of Git updates on existing maliciously modified Git configurations, potentially leading to arbitrary code...