| CVE-2026-41501 |
critical |
9.8 |
9.8 |
|
|
|
28d ago |
electerm has Command Injection via runLinux funtion |
| CVE-2026-41500 |
critical |
9.8 |
9.8 |
|
|
|
28d ago |
electerm: electerm_install_script_CommandInjection Vulnerability Report |
| CVE-2026-43944 |
critical |
9.6 |
9.6 |
|
|
|
28d ago |
Electerm users can run dangrous code through link or command line |
| CVE-2026-43941 |
critical |
9.6 |
9.6 |
|
|
|
28d ago |
Electerm has an unvalidated shell.openExternal that allows arbitrary protocol execution via terminal link click |
| CVE-2026-45058 |
critical |
— |
9.5 |
|
|
|
21d ago |
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or compromised sync… |
| CVE-2020-23256 |
critical |
— |
9.5 |
|
|
|
3y ago |
electerm allows unauthorized users to execute arbitrary commands |
| CVE-2026-45787 |
critical |
9.1 |
9.1 |
|
|
|
21d ago |
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confid… |
