CVE-2026-25807

8.8 HIGH

📋 TL;DR

CVE-2026-25807 is a critical vulnerability in ZAI Shell's P2P terminal sharing feature that allows unauthenticated remote attackers to execute arbitrary system commands. Attackers can connect to port 5757 and send commands that execute with the user's privileges if approved without review, bypassing all safety checks. This affects all ZAI Shell users running versions before 9.0.3 with the P2P sharing feature enabled.

💻 Affected Systems

Products:
  • ZAI Shell
Versions: All versions prior to 9.0.3
Operating Systems: All supported platforms (Linux, Windows, macOS)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists when the P2P terminal sharing feature (share start) is used, particularly in --no-ai mode, where the Sentinel safety checks are bypassed.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote attacker gains full system control, executes arbitrary commands with user privileges, leading to complete system compromise, data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Remote attacker executes commands to steal sensitive data, install backdoors, or disrupt operations, especially in environments where users might approve commands without proper review.

🟢 If Mitigated

Limited impact if proper network segmentation, firewalls, and user awareness prevent unauthorized connections and command approval.

🌐 Internet-Facing: HIGH - The vulnerability allows unauthenticated remote exploitation via port 5757, making internet-facing systems extremely vulnerable to attack.
🏢 Internal Only: HIGH - Even internally, any attacker on the network can exploit this without authentication, posing significant risk in shared environments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only a simple socket connection to port 5757 and sending commands that the user might approve without review. No authentication or special tools needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.0.3

Vendor Advisory: https://github.com/TaklaXBR/zai-shell/security/advisories/GHSA-6pjj-r955-34rr

Restart Required: Yes

Instructions:

1. Download ZAI Shell version 9.0.3 or later from the official repository.
2. Stop all ZAI Shell processes.
3. Install the updated version.
4. Restart ZAI Shell services.

🔧 Temporary Workarounds

Block Port 5757 (linux)

Prevent external and internal access to the vulnerable port using firewall rules. Note that an iptables rule added this way does not survive a reboot unless it is saved with your distribution's persistence mechanism.

sudo iptables -A INPUT -p tcp --dport 5757 -j DROP
sudo ufw deny 5757

Disable P2P Sharing (all platforms)

Disable the vulnerable P2P terminal sharing feature entirely.

zai-shell config set p2p_sharing false

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate systems running ZAI Shell and block all traffic to port 5757 at network perimeter.
  • Train users never to approve commands in P2P sessions without thorough review, and prohibit use of --no-ai mode.

🔍 How to Verify

Check if Vulnerable:

Check whether ZAI Shell is running and listening on port 5757 (Linux):

netstat -tlnp | grep 5757
ss -tlnp | grep 5757

If it is listening and the version is below 9.0.3, the system is vulnerable.

Check Version:

zai-shell --version

Verify Fix Applied:

After patching, verify that the version is 9.0.3 or higher with 'zai-shell --version' and confirm that port 5757 is no longer open or now requires authentication.

📡 Detection & Monitoring

Log Indicators:

  • Unusual connections to port 5757 in system logs
  • ZAI Shell logs showing P2P session activity from unexpected sources
  • Commands executed via ZAI Shell that weren't initiated by the user

Network Indicators:

  • Unexpected TCP connections to port 5757 from internal or external IPs
  • Traffic patterns showing command execution sequences on port 5757

SIEM Query:

source="*zai-shell*" AND (event="p2p_session" OR port=5757) | stats count by src_ip, user
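The two checks above, the version comparison from "How to Verify" and the per-source count behind the SIEM query, as an added example that is not part of this advisory or of ZAI Shell. The key=value log format and the sample lines are constructed for illustration; port 5757 and the fixed version 9.0.3 are taken from the advisory.

```python
"""Added triage helpers for CVE-2026-25807 (not the advisory's or ZAI Shell's own code)."""
import re
from collections import Counter

FIXED_VERSION = (9, 0, 3)   # first fixed release per the advisory
P2P_PORT = 5757             # P2P terminal sharing port per the advisory


def parse_version(text):
    """Turn 'zai-shell 9.0.10' (or a bare '9.0.10') into a comparable int tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version_text, listening_on_p2p_port):
    """Vulnerable only if the P2P port is open AND the version predates 9.0.3.
    Tuple comparison avoids the string-compare trap where '9.0.10' < '9.0.3'."""
    return bool(listening_on_p2p_port) and parse_version(version_text) < FIXED_VERSION


# Constructed sample log lines in an assumed key=value style (not ZAI Shell's real format).
SAMPLE_LOG = """\
2026-03-01T10:00:01Z event=p2p_session src_ip=10.0.0.5 dst_port=5757 user=alice
2026-03-01T10:00:07Z event=p2p_session src_ip=203.0.113.9 dst_port=5757 user=alice
2026-03-01T10:00:09Z event=login src_ip=10.0.0.5 dst_port=22 user=alice
2026-03-01T10:01:30Z event=p2p_session src_ip=203.0.113.9 dst_port=5757 user=alice
"""

LINE_RE = re.compile(
    r"event=(?P<event>\S+) src_ip=(?P<src>\S+) dst_port=(?P<port>\d+) user=(?P<user>\S+)"
)


def flag_p2p_sessions(log_text, allowlist):
    """Count P2P-port or p2p_session events per (src_ip, user), ignoring allowlisted sources.
    Mirrors the SIEM query: (event=p2p_session OR port=5757) | stats count by src_ip, user."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # line not in the expected format; skip rather than guess
        if m["event"] != "p2p_session" and int(m["port"]) != P2P_PORT:
            continue
        if m["src"] in allowlist:
            continue
        counts[(m["src"], m["user"])] += 1
    return dict(counts)
```

Sources that appear in the result are the ones to investigate against the "unexpected sources" indicator above; the allowlist holds peers the user is known to share with.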
