Description
Zed, a code editor, has an extension installer that allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor (`async_tar::Archive::unpack`) creates symlinks from the archive without validation, and the path guard (`writeable_path_from_extension`) only performs lexical prefix checks without resolving symlinks. An attacker can ship a tar that first creates a symlink inside the extension workdir pointing outside (e.g., `escape -> /`), then writes files through the symlink, causing writes to arbitrary host paths. This escapes the extension sandbox and enables code execution. Version 0.224.4 patches the issue.
Published: 2026-02-25
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution via Sandbox Escape
Action: Immediate Patch
AI Analysis

Impact

The Zed editor’s extension installer processes tar and gzip archives without validating symlinks. A crafted archive can create a symbolic link inside the extension work folder that points outside the allowed path, such as to the root directory. Because the path guard compares paths lexically and never resolves the link, extracting a later archive entry through that link writes to arbitrary host filesystem locations. This bypasses the intended sandbox and lets an attacker place executable files or modify critical system files, effectively enabling code execution on the host system. The weakness is classified as CWE‑61, UNIX symbolic link (symlink) following, a close relative of classic pathname traversal.
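To make the difference between the two checks concrete, here is an added example (not Zed's code, and not the patched `writeable_path_from_extension`): a lexical prefix guard of the kind the description attributes to the vulnerable version, next to a guard that resolves symlinks before comparing. The function names `lexical_guard`, `resolving_guard` and `demo`, the scratch workdir, and the `escape -> /` layout are assumptions modelled on the advisory text; the demo only asks each guard for a verdict and writes nothing through the link.

```rust
// Added example, not Zed's code: a lexical prefix guard (the pattern the advisory
// describes for `writeable_path_from_extension`) next to a guard that resolves
// symlinks before comparing. Function names and the `escape -> /` layout are
// assumptions modelled on the advisory text; nothing is written through the link.
use std::fs;
use std::io;
use std::os::unix::fs::symlink;
use std::path::{Component, Path, PathBuf};

/// Lexical guard: normalises `.` and `..` without touching the filesystem and then
/// checks that the result still starts with `root`. A symlink under `root` is just
/// another name to this check, so it cannot see where the write really lands.
pub fn lexical_guard(root: &Path, rel: &Path) -> Option<PathBuf> {
    let mut out = root.to_path_buf();
    for comp in rel.components() {
        match comp {
            Component::Normal(name) => out.push(name),
            Component::CurDir => {}
            Component::ParentDir => {
                if !out.pop() {
                    return None;
                }
            }
            // Absolute paths and Windows prefixes are rejected outright.
            _ => return None,
        }
    }
    if out.starts_with(root) { Some(out) } else { None }
}

/// Resolving guard: walks the normalised path one component at a time, follows any
/// symlink it meets via `canonicalize`, and only accepts a target whose resolved
/// form is still inside the canonical root. Dangling links are rejected.
pub fn resolving_guard(root: &Path, rel: &Path) -> io::Result<Option<PathBuf>> {
    let lexical = match lexical_guard(root, rel) {
        Some(p) => p,
        None => return Ok(None),
    };
    let canon_root = root.canonicalize()?;
    // lexical_guard guarantees `lexical` starts with `root`, so this cannot fail.
    let normalised = lexical.strip_prefix(root).expect("guarded path under root");
    let mut cur = canon_root.clone();
    let mut missing = false; // once a component is absent, nothing below it exists
    for comp in normalised.components() {
        cur.push(comp);
        if missing {
            continue;
        }
        match fs::symlink_metadata(&cur) {
            Err(e) if e.kind() == io::ErrorKind::NotFound => missing = true,
            Err(e) => return Err(e),
            Ok(md) if md.file_type().is_symlink() => match cur.canonicalize() {
                Ok(target) => cur = target,
                Err(_) => return Ok(None), // dangling link: refuse rather than guess
            },
            Ok(_) => {}
        }
    }
    Ok(if cur.starts_with(&canon_root) { Some(cur) } else { None })
}

/// Verdicts of both guards for a benign entry and for the advisory's escape pattern.
#[derive(Debug, PartialEq, Eq)]
pub struct Verdicts {
    pub lexical_benign: bool,
    pub resolving_benign: bool,
    pub lexical_escape: bool,
    pub resolving_escape: bool,
}

/// Builds a scratch workdir (constructed here), plants `escape -> /` the way the
/// archive's first entry would, and asks each guard about the archive's second
/// entry, `escape/etc/hostile`. Nothing is written through the link.
pub fn demo() -> io::Result<Verdicts> {
    let root = std::env::temp_dir().join(format!("tar-symlink-demo-{}", std::process::id()));
    let _ = fs::remove_dir_all(&root);
    fs::create_dir_all(&root)?;
    symlink("/", root.join("escape"))?;

    let benign = Path::new("lib/extension.wasm");
    let escape = Path::new("escape/etc/hostile");
    let verdicts = Verdicts {
        lexical_benign: lexical_guard(&root, benign).is_some(),
        resolving_benign: resolving_guard(&root, benign)?.is_some(),
        lexical_escape: lexical_guard(&root, escape).is_some(),
        resolving_escape: resolving_guard(&root, escape)?.is_some(),
    };
    fs::remove_dir_all(&root)?;
    Ok(verdicts)
}

fn main() -> io::Result<()> {
    println!("{:#?}", demo()?);
    Ok(())
}
```

Both guards accept the benign `lib/extension.wasm`, but only the lexical guard accepts `escape/etc/hostile`, because to it the path is simply "inside root". The resolving guard follows the link to `/`, sees that the eventual target is `/etc/hostile`, and refuses. Checking component by component also matters: a guard that only canonicalizes the final target cannot reason about a path whose last component does not exist yet, which is exactly the state an extractor is in just before it creates a file.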

Affected Systems

All installations of Zed Industries’ Zed code editor that use the extension installation feature and run a version earlier than 0.224.4 are affected. This includes any platform where the editor can unpack user‑supplied extensions. Users of 0.224.4 and newer are not vulnerable.

Risk and Exploitability

The vulnerability scores 8.8 (High) on CVSS v3.1, indicating high exploitability and impact. The EPSS score of less than 1% indicates a very low estimated likelihood of exploitation in the wild so far. It is not listed in the CISA KEV catalog. The attack vector is primarily a malicious extension download or local tampering with the archive; an attacker who can supply or modify the tar archive passed to the installer could gain write access to arbitrary files, resulting in remote code execution. Because no prerequisite software or elevated privileges are required beyond the ability to get a malicious extension installed, the risk is moderate to high for users who regularly add third‑party extensions.

Generated by OpenCVE AI on April 17, 2026 at 14:42 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Zed to version 0.224.4 or later.
  • If upgrading is not immediately possible, avoid installing extensions from untrusted sources and limit the extension repository to trusted contributors.
  • Disable the extension installer feature or block its execution to prevent the exploit while a patch is pending.



Advisories

No advisories yet.

History

Thu, 05 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Zed
Zed zed
CPEs cpe:2.3:a:zed:zed:*:*:*:*:*:*:*:*
Vendors & Products Zed
Zed zed

Thu, 26 Feb 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 26 Feb 2026 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Zed-industries
Zed-industries zed
Vendors & Products Zed-industries
Zed-industries zed

Thu, 26 Feb 2026 00:00:00 +0000

Type Values Removed Values Added
Description Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, the tar extractor (`async_tar::Archive::unpack`) creates symlinks from the archive without validation, and the path guard (`writeable_path_from_extension`) only performs lexical prefix checks without resolving symlinks. An attacker can ship a tar that first creates a symlink inside the extension workdir pointing outside (e.g., `escape -> /`), then writes files through the symlink, causing writes to arbitrary host paths. This escapes the extension sandbox and enables code execution. Version 0.224.4 patches the issue.
Title Zed Extension Sandbox Escape via Tar Symlink Following
Weaknesses CWE-61
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-27T04:55:52.466Z

Reserved: 2026-02-25T03:24:57.793Z

Link: CVE-2026-27976

Vulnrichment

Updated: 2026-02-26T16:54:05.876Z

NVD

Status : Analyzed

Published: 2026-02-26T00:16:27.293

Modified: 2026-03-05T16:08:38.163

Link: CVE-2026-27976

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T14:45:21Z

Weaknesses