QSearchQSearch

CVE-2026-45035

8.8 HIGH

Tabby (formerly Terminus) is a highly configurable terminal emulator

Published: 2026-05-15 · Last updated: 2026-05-19

Severity and scoring

CVSS
8.8 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE
CWE-78

Affected products

VendorProduct
tabbytabby

Description

Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or sandboxing. An attacker can craft a malicious link (tabby://run?command=...) and deliver it via a website, email, chat message, or any other medium. When a victim clicks the link, the OS launches Tabby which immediately spawns the specified command as a child process with the user's full privileges. This is a zero-click-after-link-visit RCE vulnerability. This vulnerability is fixed in 1.0.233.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-45038 Tabby (formerly Terminus) is a highly configurable terminal emulator (7.8 HIGH)
  • CVE-2026-45037 Tabby (formerly Terminus) is a highly configurable terminal emulator (7.1 HIGH)
  • CVE-2026-45036 Tabby (formerly Terminus) is a highly configurable terminal emulator (7.0 HIGH)

Same CWE

  • CVE-2026-49219 ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
  • CVE-2026-42563 Dulwich is a pure-Python implementation of the Git file formats and protocols
  • CVE-2026-0273 A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrict...
  • CVE-2026-6893 A flaw was found in dracut (8.8 HIGH)
  • CVE-2026-46643 Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page