Zed Zed
5 CVEs affecting Zed Zed. Latest disclosed: 2026-05-28. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44466 | High | 8.6 | 2026-05-28 | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arb… |
CVE-2026-44465 | High | 8.6 | 2026-05-28 | Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmoni… |
CVE-2026-44463 | High | 8.6 | 2026-05-28 | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted com… |
CVE-2026-44461 | High | 8.6 | 2026-05-28 | Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL remote commands as a shell command string that starts with exec env ..., but environment variable ke… |
CVE-2026-44462 | Medium | 6.4 | 2026-05-28 | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash variable expansion chaining (${var@P}), allowing arbitra… |