Known Vulnerabilities for products from Zsh Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Zsh Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49368 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2026-49299 json | Not Provided | 2026-05-28 | 2026-06-02 | |
| CVE-2026-49144 json | Not Provided | 2026-06-02 | 2026-06-03 | |
| CVE-2026-48245 json | Not Provided | 2026-05-21 | 2026-05-21 | |
| CVE-2026-48244 json | Not Provided | 2026-05-21 | 2026-05-21 | |
| CVE-2026-48065 json | Not Provided | 2026-05-27 | 2026-05-28 | |
| CVE-2026-47728 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47716 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47715 json | Not Provided | 2026-05-26 | 2026-05-26 | |
| CVE-2026-47179 json | Not Provided | 2026-05-29 | 2026-05-29 | |
| CVE-2017-18205 json | In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of ... | 8.1 - HIGH | 2018-02-27 | 2018-10-31 |
| CVE-2014-10072 json | In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. | 9.8 - CRITICAL | 2018-02-27 | 2018-10-31 |
| CVE-2014-10070 json | zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treat... | 7.8 - HIGH | 2018-02-27 | 2018-03-21 |