📦 Zed

Zed code editor versions before 0.225.9 have a symlink escape vulnerability that allows reading and writing files outside the project directory when symbolic links point to external paths. This bypass...

Zed code editor versions before 0.224.4 contain a Zip Slip vulnerability in the extension archive extraction functionality. This allows malicious extensions to write files outside their designated san...

Zed code editor versions before 0.218.2-pre have an arbitrary code execution vulnerability where malicious Language Server Protocol configurations in project settings files can execute shell commands ...

Zed code editor versions before 0.218.2-pre have an arbitrary code execution vulnerability where malicious MCP configurations in project settings files can execute shell commands automatically when op...