Code Execution Vulnerability in Tabby Terminal Emulator
CVE-2026-46709
7.8HIGH
What is CVE-2026-46709?
Tabby, a configurable terminal emulator, contains a flaw that allows for code execution through improperly handled file paths. When a user drops a file, the application fails to neutralize command substitution metacharacters, enabling code execution when the user presses Enter. This vulnerability affects all versions prior to 1.0.234, which has introduced a fix that addresses these security concerns.
Affected Version(s)
tabby < 1.0.234
