Cyber Posture

CVE-2026-25805

Medium · Public PoC

Published: 10 February 2026
Modified: 19 February 2026
KEV Added:
Patch:
CVSS Score: 6.4 (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)
EPSS Score: 0.0007 (20.6th percentile)
Risk Priority: 13 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-25805 is a medium-severity "Product UI does not Warn User of Unsafe Actions" (CWE-356) vulnerability in Zed Zed. Its CVSS base score is 6.4 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). The CVE is ranked at the 20.6th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Command and Scripting Interpreter (T1059) and 2 other techniques.
Threat & Defense Details

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-356

Mandates an explicit, user-visible indication of the action being taken, directly countering the absence of warnings for device activation.

MITRE ATT&CK Enterprise Techniques (AI)

T1059 Command and Scripting Interpreter (Execution)
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
T1204 User Execution (Execution)
An adversary may rely upon specific actions by a user in order to gain execution.
T1078.003 Local Accounts (Stealth)
Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.
Why these techniques?

UI omission of tool parameters (CWE-356) directly enables a collaborator (valid account) to obtain user approval for hidden malicious parameters, resulting in execution via the editor's tool/command interpreter (T1059) after user interaction (T1204).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Zed is a multiplayer code editor. Prior to 0.219.4, Zed does not show with which parameters a tool is being invoked, when asking for allowance. Further it does not show after the tool was being invoked, which parameters were used. Thus, maybe unwanted or even malicious values could be used without the user having a chance to notice it. Patched in Zed Editor 0.219.4 which includes expandable tool call details.

Deeper analysis (AI)

CVE-2026-25805 affects Zed, a multiplayer code editor, in versions prior to 0.219.4. The vulnerability stems from the application's failure to display the parameters used when invoking tools, both at the time of requesting user allowance and afterward. This lack of visibility (classified under CWE-356) enables potentially unwanted or malicious parameter values to be executed without user awareness. The issue carries a CVSS v3.1 base score of 6.4 (AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

Exploitation requires network access, high privileges (such as those held by a collaborator in a multiplayer session), high attack complexity, and user interaction in the form of granting permission to the tool invocation. An attacker could craft a tool call with malicious parameters, tricking the user into approving it unknowingly, potentially leading to high-impact confidentiality, integrity, and availability violations on the victim's system.

The Zed project patched this in version 0.219.4 by adding expandable details for tool calls, enabling users to inspect parameters before and after invocation. Additional details are available in the GitHub Security Advisory at https://github.com/zed-industries/zed/security/advisories/GHSA-f2g4-87h6-4pxq.

Details

CWE(s)

Affected Products

Vendor: zed
Product: zed
Versions: ≤ 0.219.4

CVEs Like This One

CVE-2026-27800 (same product: Zed Zed)
CVE-2026-27976 (same product: Zed Zed)
CVE-2026-27967 (same product: Zed Zed)
CVE-2025-3839 (shared CWE-356)
CVE-2025-2450 (shared CWE-356)

References