Known Vulnerabilities for products from Zsh Project
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Zsh Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41167 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41153 json | Not Provided | 2026-04-17 | 2026-04-20 | |
| CVE-2026-41145 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41136 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-41135 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-40938 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40924 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40923 json | Not Provided | 2026-04-21 | 2026-04-22 | |
| CVE-2026-40896 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2026-40566 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2017-18205 json | In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of ... | 8.1 - HIGH | 2018-02-27 | 2018-10-31 |
| CVE-2014-10072 json | In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. | 9.8 - CRITICAL | 2018-02-27 | 2018-10-31 |
| CVE-2014-10070 json | zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treat... | 7.8 - HIGH | 2018-02-27 | 2018-03-21 |