5 matches found
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967
CVE-2026-27967 affects Zed code editor before 0.225.9. A symlink escape in Agent file tools (read_file, edit_file) lets reading/writing files outside the project directory when a project contains external symlinks, bypassing workspace boundaries and privacy protections (file_scan_exclusions, priv...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
PT-2026-22049
Name of the Vulnerable Software and Affected Versions Zed versions prior to 0.225.9 Description A symlink escape issue exists in Zed, a code editor, within the Agent file tools read file, edit file. This allows reading and writing files outside the project directory when the project contains...