80 matches found
CVE-2026-46709 Tabby: Drag-and-drop path injection still allows RCE via shell command substitution (incomplete fix for CVE-2026-45038)
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $… and …, so the incomplete CVE-2026-45038 fix for...
EUVD-2026-44692
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $… and …, so the incomplete CVE-2026-45038 fix for...
CVE-2026-46709
Tabby (Terminus) prior to 1.0.234 is vulnerable to a local RCE via drag-and-drop path injection. The vulnerability occurs because Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters (e.g., $(…) and …)....
CVE-2026-46709 Tabby: Drag-and-drop path injection still allows RCE via shell command substitution (incomplete fix for CVE-2026-45038)
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.234, Tabby inserts dropped file paths from tabby-electron/src/pathDrop.ts into the active shell without neutralizing command substitution metacharacters such as $… and …, so the incomplete CVE-2026-45038 fix for...
PT-2026-60200
Name of the Vulnerable Software and Affected Versions Tabby versions prior to 1.0.234 Description Tabby inserts dropped file paths from the tabby-electron/src/pathDrop.ts file into the active shell without neutralizing command substitution metacharacters, such as $… and …. This allows for code...
CVE-2026-45037
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without validating the protocol scheme. This allows a malicious SSH or Telnet server to send crafted termina...
CVE-2026-45035
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...
CVE-2026-45038
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45035
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...
CVE-2026-45036
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
CVE-2026-45037
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without validating the protocol scheme. This allows a malicious SSH or Telnet server to send crafted termina...
CVE-2026-45038
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45038
Tabby (formerly Terminus) vulnerability CVE-2026-45038 affects the terminal emulator prior to version 1.0.233. The issue arises because Tabby does not escape control characters in file paths during drag-and-drop, which can lead to code execution. Impact is described as high for confidentiality, i...
CVE-2026-45038
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45038 Tabby: Dragging and Dropping a File into Tabby Can Lead to Code Execution
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45038 Tabby: Dragging and Dropping a File into Tabby Can Lead to Code Execution
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45038 Tabby: Dragging and Dropping a File into Tabby Can Lead to Code Execution
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233...
CVE-2026-45036
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
CVE-2026-45036 Tabby auto-confirms ZMODEM detection on terminal output, leading to shell command execution from displayed file content under fish, bash, and zsh
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...
EUVD-2026-30567
Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...