Vulnerabilidades en zed-industries

12 resultados

CVE-2026-27976HIGHZed Extension Sandbox Escape via Tar Symlink FollowingEPSS 0.5%CVE-2026-44462MEDIUMZed: Allowlist Bypass via Bash Variable Expansion Chain in Terminal Tool PermissionsEPSS 0.4%CVE-2026-44465HIGHZed: Zed IDE Arbitrary Code Execution via untrusted repository with poisoned .git/configEPSS 0.3%CVE-2026-27800HIGHZed has Zip Slip Path Traversal in Extension Archive ExtractionEPSS 0.3%CVE-2025-68432HIGHZed IDE LSP Binary Configuration Arbitrary Code ExecutionEPSS 0.3%CVE-2026-44461HIGHZed: Remote Command Injection via Unquoted Environment Variable Keys (SSH / WSL Remote)EPSS 0.3%CVE-2025-68433HIGHZed IDE MCP Context Server Configuration Arbitrary Code ExecutionEPSS 0.3%CVE-2026-27967HIGHSymlink Escape in Agent File ToolsEPSS 0.2%CVE-2026-25805MEDIUMZed does not show Parameter Values for MCP Tool Calls. Users cannot detect tool poisoning.EPSS 0.2%CVE-2026-44463HIGHZed: Allowlist Bypass via Environment Variable Injection in Terminal Tool PermissionsEPSS 0.2%CVE-2026-44466HIGHZed: Allowlist Bypass via Bash Arithmetic Expansion in Terminal Tool PermissionsEPSS 0.2%CVE-2025-55012HIGHZed AI Agent Remote Code ExecutionEPSS 0.2%