Known Vulnerabilities for products from Zsh Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Zsh Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45184 json | Not Provided | 2026-05-09 | 2026-05-10 | |
| CVE-2026-44987 json | Not Provided | 2026-05-08 | 2026-05-08 | |
| CVE-2026-44301 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-44263 json | Not Provided | 2026-05-07 | 2026-05-07 | |
| CVE-2026-44262 json | Not Provided | 2026-05-12 | 2026-05-12 | |
| CVE-2026-43877 json | Not Provided | 2026-05-11 | 2026-05-12 | |
| CVE-2026-43288 json | Not Provided | 2026-05-08 | 2026-05-11 | |
| CVE-2026-43001 json | Not Provided | 2026-05-01 | 2026-05-01 | |
| CVE-2026-42812 json | Not Provided | 2026-05-04 | 2026-05-04 | |
| CVE-2026-42461 json | Not Provided | 2026-05-09 | 2026-05-09 | |
| CVE-2017-18205 json | In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of ... | 8.1 - HIGH | 2018-02-27 | 2018-10-31 |
| CVE-2014-10072 json | In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. | 9.8 - CRITICAL | 2018-02-27 | 2018-10-31 |
| CVE-2014-10070 json | zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treat... | 7.8 - HIGH | 2018-02-27 | 2018-03-21 |