CVE-2026-54056
CVE-2026-54056
Kitty is a cross-platform GPU based terminal. In versions 0.47.0 and 0.47.1, `kitten dnd` can allow a malicious remote drag-and-drop source to overwrite or truncate arbitrary files writable by the local kitty user. Remote `text/uri-list` d…
CVSS v3 metric
CVSS v3 base score 7.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L.
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2026-54056?
- CVE-2026-54056 is a high-severity vulnerability, classified under Improper Link Resolution Before File Access. CVSS score: 7.6/10. Published 2026-06-12.
- How severe is CVE-2026-54056?
- High severity. CVSS v3 base score is 7.6 out of 10.