VYPR
High severity · NVD Advisory · Published Jun 12, 2026

CVE-2026-42850

Description

Command injection in Kitty terminal prior to 0.47.0 via unescaped error messages allows remote code execution when victim connects to attacker via netcat.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Kitty versions prior to 0.47.0 contain a command injection bug in the error handling of the SSH escape-code handler. When kitty receives a crafted DCS sequence of the form \x1bP@kitty-ssh|<base64 payload>\x1b\\, it tries to open the file named in the payload via shm_open; when that fails it writes an error message back to the terminal without escaping it. The message embeds the attacker-supplied name verbatim and is terminated with CRLF, so the shell reading the terminal's input treats the echoed error as a complete command line and executes the injected command. All versions before 0.47.0 are affected. [1]

Exploitation

The attacker first needs a raw network path into the victim's terminal: the victim must be running a program such as netcat that either connects out to the attacker or listens on a port the attacker can reach, so that remote bytes are written to kitty unfiltered. Once the connection is up, the attacker sends the malicious escape code. The reference gives echo -e '\x1bP@kitty-ssh|cHc9OmlkPTE6cHdmaWxlPSQod2hvYW1pID4gJ3Rlc3QudHh0Jyk=\x1b\\' as the trigger; the base64 body decodes to pw=:id=1:pwfile=$(whoami > 'test.txt'), so the file name kitty fails to open carries a shell command substitution. Kitty's error message, containing that name, is written back unescaped and executed by the victim's shell. [1]
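As an added illustration for the vulnerability and exploitation sections above (not the advisory's or kitty's own code): a scanner that finds @kitty-ssh DCS sequences in raw bytes captured from a netcat session, decodes the base64 body and flags fields that carry shell metacharacters. The sample stream is constructed; the escape code inside it is the one quoted above. The colon-separated key=value layout of the payload is inferred from what that base64 decodes to and is an assumption about the format, as are the function names.

```python
import base64
import re

# Constructed sample of bytes arriving over a netcat session. The DCS is the
# sequence quoted in the advisory; the surrounding text is made up.
SAMPLE_STREAM = (
    b"hello\r\n"
    b"\x1bP@kitty-ssh|cHc9OmlkPTE6cHdmaWxlPSQod2hvYW1pID4gJ3Rlc3QudHh0Jyk=\x1b\\"
    b"bye\r\n"
)

# ESC P @kitty-ssh | <base64> ESC \   (DCS introducer ... string terminator)
KITTY_SSH_DCS = re.compile(rb"\x1bP@kitty-ssh\|([A-Za-z0-9+/=]*)\x1b\\")

# Characters a POSIX shell acts on if the value ever reaches a command line,
# plus the line terminators that would complete such a line.
SHELL_META = re.compile(r"[$`;|&<>()\r\n]")


def decode_payload(b64: bytes) -> dict[str, str]:
    """Decode the base64 body into key=value fields.

    Assumption: fields are colon separated, because the advisory's payload
    decodes to pw=:id=1:pwfile=$(whoami > 'test.txt').
    """
    raw = base64.b64decode(b64, validate=True).decode("utf-8", "replace")
    fields: dict[str, str] = {}
    for part in raw.split(":"):
        if "=" in part:
            key, value = part.split("=", 1)
            fields[key] = value
    return fields


def scan_stream(stream: bytes) -> list[dict]:
    """One finding per @kitty-ssh DCS: byte offset, decoded fields, and the
    names of fields whose value contains shell metacharacters."""
    findings = []
    for m in KITTY_SSH_DCS.finditer(stream):
        fields = decode_payload(m.group(1))
        suspicious = sorted(k for k, v in fields.items() if SHELL_META.search(v))
        findings.append({"offset": m.start(), "fields": fields, "suspicious": suspicious})
    return findings


if __name__ == "__main__":
    for f in scan_stream(SAMPLE_STREAM):
        print(f"offset {f['offset']}: fields={f['fields']} suspicious={f['suspicious']}")
```

Run it against a pcap-extracted byte stream or a `script`-style capture of the session; any finding with a non-empty `suspicious` list is an attempt to smuggle shell syntax through the ssh handler's error path.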

Impact

Successful exploitation lets the attacker run arbitrary commands in the victim's shell with the privileges of the user running kitty. That is enough for full compromise of the victim's account and, from there, the system: data exfiltration, malware installation, or lateral movement. The impact is high because it yields remote code execution with no authentication beyond the network connection the victim opened. [1]

Mitigation

The vulnerability is fixed in Kitty 0.47.0, released on May 19, 2026 according to the 0.47.0 changelog entry in the linked release commit, before the CVE was published. Users should upgrade to 0.47.0 or later. No workarounds are given in the available references; avoiding programs that pass untrusted remote bytes straight to the terminal (netcat and the like) removes the precondition but is not a fix. The CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog as of publication. [1]

AI Insight generated on Jun 12, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • kovidgoyal/kitty (inferred), 2 version ranges
    • (no CPE) range: <0.47.0
    • (no CPE) range: < 0.47.0

Patches

1
eadec09d499b

version 0.47.0

https://github.com/kovidgoyal/kitty · Kovid Goyal · May 19, 2026 · Fixed in 0.47.0 · via release-tag
2 files changed · +2 −2
  • docs/changelog.rst +1 −1 modified
    @@ -173,7 +173,7 @@ consumption to do the same tasks.
     Detailed list of changes
     -------------------------------------
     
    -0.47.0 [future]
    +0.47.0 [2026-05-19]
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     - A new :doc:`Drag and drop kitten </kittens/dnd>` to allow drag and drop of files from your shell to any GUI program even across SSH (:iss:`9984`)
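Review bot: this hunk only swaps `[future]` for the release date on the 0.47.0 heading; the visible context below it is a feature entry (the dnd kitten) and nothing in the hunk records the unescaped-error-message fix. A packager reading the 0.47.0 changelog therefore cannot tell that this release closes CVE-2026-42850. Add a line under the 0.47.0 heading naming the fix and the CVE so downstream maintainers can match release to advisory.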
    
  • kitty/constants.py +1 −1 modified
    @@ -22,7 +22,7 @@ class Version(NamedTuple):
     
     appname: str = 'kitty'
     kitty_face = '🐱'
    -version: Version = Version(0, 46, 2)
    +version: Version = Version(0, 47, 0)
     str_version: str = '.'.join(map(str, version))
     _plat = sys.platform.lower()
     is_macos: bool = 'darwin' in _plat
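Review bot: this is a version bump only, `Version(0, 46, 2)` to `Version(0, 47, 0)`, with no change to any escaping or error-reporting code, so citing eadec09d499b as the patch for the CVE is misleading. The advisory should reference the commit that actually changes the error-response path; as it stands, anyone backporting to a 0.46.x branch has nothing to cherry-pick from this diff.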
    

Vulnerability mechanics

Root cause

"Error messages in Kitty are not escaped before being echoed to the terminal, allowing CRLF injection to turn error output into shell commands."

Attack vector

The attacker sends kitty a crafted escape code that makes the SSH handler fail. The resulting error message is written back to the terminal without escaping: it embeds attacker-controlled text and is terminated with CRLF, so the shell reading the terminal's input sees the error output as a complete command line. For this to happen the raw bytes must reach kitty unfiltered, which is the case when the victim runs a program such as netcat that passes remote data straight through. The precondition is therefore that the victim either connects out to the attacker or listens on a port the attacker can reach.

Affected code

The bug is in how kitty builds the error message it echoes back to the terminal, with CRLF as the vector. The patch linked here does not show that code: it only bumps the version from 0.46.2 to 0.47.0 in `kitty/constants.py` and dates the 0.47.0 entry in `docs/changelog.rst`, so it identifies the release that carries the fix rather than the fix itself. The file(s) holding the escaping logic are not named by the advisory.

What the fix does

The diff shown is the release-tag commit: it updates the version constant and the changelog date and contains no functional change. The advisory states that 0.47.0 corrects the bug, so the actual fix, which is not in this diff, must ensure that error text echoed to the terminal cannot carry CRLF or other control characters and that attacker-supplied content in it cannot be read by the shell as a command.
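To make the attack vector and the shape of the fix concrete, here is an added model of the bug class beside a hardened form. It is illustrative code written for this page, not kitty's handler or the 0.47.0 patch: the function names, the message text and the reply framing are assumptions. `INJECTED_PWFILE` is the value the advisory's base64 payload decodes to. The vulnerable reply interpolates the attacker-supplied name raw and ends in CRLF; the hardened reply strips control characters, shell-quotes the name and carries the message as base64 inside a DCS, so no line terminator and no bare shell syntax reaches the pty. A small helper models what a line-reading shell would execute from leftover pty input.

```python
import base64
import re
import shlex

# Value of pwfile from the advisory's payload (decoded from its base64 body).
INJECTED_PWFILE = "$(whoami > 'test.txt')"

DCS_PREFIX = b"\x1bP@kitty-ssh|"
DCS_SUFFIX = b"\x1b\\"
C0_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def vulnerable_error_reply(pwfile: str) -> bytes:
    """Model of the pre-0.47.0 behaviour: raw name, CRLF-terminated text reply."""
    msg = f"Failed to open {pwfile}: No such file or directory"
    return (msg + "\r\n").encode()


def sanitize(text: str) -> str:
    """Replace every C0 control byte (CR, LF, ESC, ...) with a visible \\xNN escape."""
    return C0_CONTROL.sub(lambda m: f"\\x{ord(m.group()):02x}", text)


def hardened_error_reply(pwfile: str) -> bytes:
    """Hardened form: control-free, shell-quoted name, base64 body inside a DCS.

    The base64 alphabet contains no '$', '(', '`', ';' or line terminators, so
    nothing the shell acts on can appear in the reply, and the absence of CR/LF
    means a shell never sees a complete line to execute.
    """
    msg = f"Failed to open {shlex.quote(sanitize(pwfile))}: No such file or directory"
    body = base64.b64encode(msg.encode()).decode("ascii")
    return DCS_PREFIX + body.encode("ascii") + DCS_SUFFIX


def decode_hardened_reply(reply: bytes) -> str:
    """What a kitty-aware client would display for a hardened reply."""
    body = reply[len(DCS_PREFIX):-len(DCS_SUFFIX)]
    return base64.b64decode(body).decode()


def lines_a_shell_would_read(reply: bytes) -> list[str]:
    """Split pty input the way a line-reading shell sees it.

    Only terminated lines are returned; an unterminated tail just sits in the
    input buffer, which is why the CRLF in the vulnerable reply matters.
    """
    text = reply.decode("utf-8", "replace")
    return re.split(r"\r\n|\r|\n", text)[:-1]


def executes_command_substitution(reply: bytes) -> bool:
    """True if any complete line the shell would read carries $( ) or backticks."""
    return any(re.search(r"\$\(|`", ln) for ln in lines_a_shell_would_read(reply))


if __name__ == "__main__":
    print("vulnerable:", lines_a_shell_would_read(vulnerable_error_reply(INJECTED_PWFILE)))
    print("hardened  :", lines_a_shell_would_read(hardened_error_reply(INJECTED_PWFILE)))
    print("client sees:", decode_hardened_reply(hardened_error_reply(INJECTED_PWFILE)))
```

The two defences are independent: even if a future change drops the base64 framing, `sanitize` keeps CR, LF and ESC out of the echoed name, and `shlex.quote` keeps the rest of the name inert if it is ever shown in a shell-visible context.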

Preconditions

  • config: Victim runs a Kitty terminal emulator older than 0.47.0.
  • network: Victim runs a program (e.g., netcat) that connects to the attacker or listens for the attacker's connection, so raw remote data reaches Kitty unfiltered.
  • input: Attacker sends a crafted escape code that makes Kitty emit an error containing CRLF and shell commands.

Generated on Jun 12, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

1
