High severity7.8NVD Advisory· Published May 15, 2026· Updated May 20, 2026
CVE-2026-45038
CVE-2026-45038
Description
Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code execution can be achieved. This vulnerability is fixed in 1.0.233.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
1- github.com/Eugeny/tabby/security/advisories/GHSA-m937-jm93-pfp6nvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.