CVE-2026-45058
Received - Intake
Persistent Local-PTY Code Execution in Electerm

Publication date: 2026-05-28

Last updated on: 2026-05-28

Assigner: GitHub, Inc.

Description
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync targets. Affects users who import bookmark JSON files or who have electerm sync configured (gist/WebDAV). The attacker can inject exec* fields or global config to cause remote code to run when a bookmark is opened or when sync is applied.

Meta Information

Published: 2026-05-28
Last Modified: 2026-05-28
Generated: 2026-05-29
AI Q&A: 2026-05-28
EPSS Evaluated: N/A

Affected Vendors & Products
Showing 2 associated CPEs

Vendor      Product     Version / Range
electerm    electerm    to 3.8.8 (exc)
electerm    electerm    to 3.8.9 (exc)

CWE ID: Description

CWE-345: The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

CWE-94: The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

CWE-494: The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code.

CWE-915: The product receives input from an upstream component that specifies multiple attributes, properties, or fields that are to be initialized or updated in an object, but it does not properly control which attributes can be modified.

AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability in electerm allows remote code execution through malicious bookmark imports or compromised sync targets, which can lead to unauthorized access and manipulation of system resources.

Such unauthorized code execution and potential data compromise can negatively impact the confidentiality, integrity, and availability of sensitive data, which are core principles in compliance frameworks like GDPR and HIPAA.

Therefore, exploitation of this vulnerability could result in non-compliance with these regulations due to failure to adequately protect sensitive information and maintain system security.


Can you explain this vulnerability to me?

CVE-2026-45058 is a critical vulnerability in the electerm application, versions 3.8.8 and earlier. It arises from unsafe handling of bookmark data imports, allowing attackers to inject malicious code through exec* fields or global configuration settings in bookmark JSON files or compromised sync targets like gist or WebDAV.

This injection leads to persistent local-pty code execution, meaning that when a user opens a malicious bookmark or when sync operations apply compromised data, remote code can be executed on the user's system.


How can this vulnerability impact me?

This vulnerability can have severe impacts including unauthorized remote code execution on the affected system, which compromises confidentiality, integrity, and availability of the system.

  • Attackers can execute arbitrary code locally, potentially gaining control over the system.
  • It can lead to data breaches or system manipulation due to the high severity of the vulnerability.
  • Users who import untrusted bookmark data or use compromised sync targets are at risk.

What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, users should avoid importing untrusted bookmark JSON files and refrain from using compromised sync targets such as gist or WebDAV.

Since no patches are currently available, the best immediate step is to ensure that only trusted bookmark data is imported and to disable or carefully monitor sync configurations to prevent remote code execution.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

There is no specific information provided about detection methods or commands to identify this vulnerability on a network or system.

