PT-2026-30337

Name of the Vulnerable Software and Affected Versions Coder/code-marketplace versions through 2.4.1 Description A Zip Slip vulnerability allows a malicious VSIX file to write arbitrary files outside the extension directory. The ExtractZip function passes raw zip entry names to a callback that...

CVE-2026-27800

Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...

CVE-2026-27800

Zed, a code editor, has a Zip Slip Path Traversal vulnerability exists in its extension archive extraction functionality prior to version 0.224.4. The extractzip function in crates/util/src/archive.rs fails to validate ZIP entry filenames for path traversal sequences e.g., ../. This allows a...

PT-2026-22048

Name of the Vulnerable Software and Affected Versions Zed versions prior to 0.224.4 Description A Zip Slip Path Traversal issue exists in the extension archive extraction functionality. The extract zip function, located in crates/util/src/archive.rs, does not validate ZIP entry filenames for path...

Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst

Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format starting from Apple A17 iOS / M3 macOS, decoding is done in hardware. However,...