Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/13 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or trunca...

7.6CVSS6.2AI score0.00268EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/12 8:6 p.m.29 views

CVE-2026-54056 Kitty has an arbitrary file overwrite via symlink following in `kitten dnd` remote drop staging

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

7.6CVSS0.00268EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/12 8:6 p.m.10 views

CVE-2026-54056

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

7.6CVSS5.7AI score0.00268EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2026/06/12 8:6 p.m.6 views

CVE-2026-54056 Kitty has an arbitrary file overwrite via symlink following in `kitten dnd` remote drop staging

Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, kitten dnd can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote text/uri-list drops are staged in a temporary directory, but on case-sensitiv...

7.6CVSS5.6AI score0.00268EPSS
Exploits1References1
CVE
CVE
added 2026/06/12 8:6 p.m.15 views

CVE-2026-54056

Kitty (GPU-based terminal) vulnerability CVE-2026-54056 affects versions 0.47.0–0.47.1 where a remote drag-and-drop via kitten dnd staging can overwrite or truncate arbitrary files writable by the local user. The attack chains a staged remote text/uri-list, exploiting a race in staging where a st...

7.6CVSS5.7AI score0.00268EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder