15201 matches found
Zed 后置链接漏洞
Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.225.9 contained a post-link vulnerability. This vulnerability stemmed from symbolic link escapes in the Agent file tool, which could lead to the exposure of sensitive data...
Zed 路径遍历漏洞
Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.224.4 contained a path traversal vulnerability. This vulnerability stemmed from the extension’s archive extraction function, which did not validate the path traversal sequences in the filenames of ZIP archives, potential...
CVE-2026-27976 Zed Extension Sandbox Escape via Tar Symlink Following
Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor asynctar::Archive::unpack creates symlinks from the archive without validation, and the path guard writeablepathfromextension only performs lexical prefix checks without resolving...
CVE-2026-27976
Zed code editor’s extension installer is affected by CVE-2026-27976 prior to version 0.224.4. The tar extractor (async_tar::Archive::unpack) creates symlinks from archives without validation, and the path guard (writeable_path_from_extension) relies on lexical checks without resolving symlinks. A...
EUVD-2026-8777
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
EUVD-2026-8773
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800 Zed has Zip Slip Path Traversal in Extension Archive Extraction
Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...
CVE-2026-27800
Zed code editor prior to 0.224.4 is vulnerable to Zip Slip in extension archive extraction. The extract_zip() function in crates/util/src/archive.rs does not validate ZIP entry filenames for path traversal (e.g., ../), allowing a malicious extension to write outside the sandbox by downloading and...
DRUPAL-CONTRIB-2026-011
This module enables you to add icons to CKEditor. The module doesn't sufficiently add custom permissions to the dialog and autocomplete routes, allowing full access to the routes in most scenarios...
EUVD-2026-8605
The SPIP interfacetraductionobjets plugin versions prior to 4.3.3 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...
CVE-2026-27745
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...
CVE-2026-27747
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...
CVE-2026-27745
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated remote code execution vulnerability in the translation interface workflow. The plugin incorporates untrusted request data into a hidden form field that is rendered without SPIP output filtering. Because...
CVE-2026-27745
The CVE-2026-27745 entry concerns the SPIP plugin interface_traduction_objets, affected when using versions prior to 4.3.3. An authenticated attacker with editor-level privileges can exploit an authenticated RCE vulnerability by injecting crafted content into a hidden form field populated with un...
CVE-2026-27747 SPIP interface_traduction_objets < 2.2.2 Authenticated SQL Injection
The SPIP interfacetraductionobjets plugin versions prior to 2.2.2 contain an authenticated SQL injection vulnerability in interfacetraductionobjetspipelines.php. When handling translation requests, the plugin reads the idparent parameter from user-supplied input and concatenates it directly into ...