CVE-2026-44466

8.6 HIGH

Zed is a code editor

Published: 2026-05-28 · Last updated: 2026-06-02

Severity and scoring

CVSS: 8.6 HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CWE: CWE-78

Affected products

Vendor	Product
zed	zed

Description

Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowlisted command like echo. This vulnerability is fixed in 0.229.0.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-44466
[Vendor advisory]https://github.com/zed-industries/zed/security/advisories/GHSA-c99f-97vf-4h5h
[Vendor advisory]https://github.com/zed-industries/zed/security/advisories/GHSA-c99f-97vf-4h5h

Related CVEs

Same vendor

CVE-2026-44465 — Zed is a code editor (8.6 HIGH)
CVE-2026-44463 — Zed is a code editor (8.6 HIGH)
CVE-2026-44462 — Zed is a code editor (6.4 MEDIUM)
CVE-2026-44461 — Zed is a code editor (8.6 HIGH)

Same CWE

CVE-2026-11527 — Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument...
CVE-2026-11526 — GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle
CVE-2026-46716 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (9.9 CRITICAL)
CVE-2026-42853 — ApostropheCMS is an open-source Node.js content management system (6.5 MEDIUM)
CVE-2026-48165 — MariaDB server is a community developed fork of MySQL server (8.0 HIGH)