CVE-2026-45353

Summary

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From 3.0.6 to 3.8.8, This vulnerability is fixed in 3.9.0.

Affected Software

VendorProductVersion RangeStatus
electermelecterm>= 3.0.6, < 3.89.0affected

Weaknesses

  • CWE-94: CWE-94: Improper Control of Generation of Code ('Code Injection')
  • CWE-732: CWE-732: Incorrect Permission Assignment for Critical Resource
  • CWE-940: CWE-940: Improper Verification of Source of a Communication Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References