CVE-2026-27967
7.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Summary
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools (read_file, edit_file). It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace boundary and privacy protections (file_scan_exclusions, private_files), potentially leaking sensitive user data to the LLM. Version 0.225.9 fixes the issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| zed-industries | zed | < 0.225.9 | affected |
Weaknesses
- CWE-59: CWE-59: Improper Link Resolution Before File Access ('Link Following')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.