What is CVE-2024-55950?

CVE-2024-55950 is a vulnerability in Eugeny Tabby, classified under Incorrect Default Permissions. Published 2024-12-26.

Is CVE-2024-55950 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Eugeny Tabby

CVE-2024-55950

Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.216, Tabby terminal emulator contains overly permissive entitlements that are unnecessary for its core functionality and plugin system, creating potential s…

EPSS: 0.001 (27.7th percentile) — read the EPSS interpretation.

Affected products

Eugeny Tabby — versions < 1.0.216

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

Public proof-of-concept exploits

seyrenus/trace-release

References

https://github.com/Eugeny/tabby/security/advisories/GHSA-jx33-9jc7-24gc (x_refsource_CONFIRM)
https://github.com/Eugeny/tabby/commit/e1e6e1cdab0310a881e36afd7c2744e5f905518b (x_refsource_MISC)

Frequently asked questions

What is CVE-2024-55950?: CVE-2024-55950 is a vulnerability in Eugeny Tabby, classified under Incorrect Default Permissions. Published 2024-12-26.
Is CVE-2024-55950 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.