CVE-2026-44465
EUVD-2026-3293728.05.2026, 17:16
Zed is a code editor. Prior to 0.227.1, Zed IDE executes arbitrary commands when opening a folder with a malicious .git/config file that abuses the core.fsmonitor Git configuration option. This allows an attacker to achieve Remote Code Execution (RCE) when a victim open a folder in untrusted mode. This vulnerability is fixed in 0.227.1.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| zed | zed | 𝑥 < 0.227.1 |
𝑥
= Vulnerable software versions