All 8 CVE vulnerabilities found in kitty, with AI-generated Chinese analysis, references, and POCs.
Vendor: kitty project
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-54057 | Kitty vulnerable to command injection via unsanitized OSC 21 query reply CWE-94 | - | - | 2026-06-12 |
| CVE-2026-54056 | Kitty has an arbitrary file overwrite via symlink following in `kitten dnd` remote drop staging CWE-59 | 7.6 | High | 2026-06-12 |
| CVE-2026-54055 | Kitty has an Arbitrary File Write via Symlink Race Condition in File Transmission Protocol CWE-59 | 5.0 | Medium | 2026-06-12 |
| CVE-2026-42851 | @kitty-edit DCS + --color=geninclude vulnerable to Unauthenticated in-process RCE CWE-94 | 7.8 | High | 2026-06-12 |
| CVE-2026-42850 | Kitty has a shell command injection CWE-77 | - | - | 2026-06-12 |
| CVE-2026-33642 | Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check CWE-190 | 9.9 | Critical | 2026-05-19 |
| CVE-2026-33633 | Kitty has a Heap Buffer Overflow in its Graphics Protocol Handler CWE-122 | 7.5 | High | 2026-05-19 |
| CVE-2025-43929 | kitty 安全漏洞 CWE-346 | 4.1 | Medium | 2025-04-20 |
All 8 known CVE vulnerabilities affecting kitty with full Chinese analysis, references, and POCs where available.