Description
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with `cat`, a log line, an email body rendered in `less`, an issue body in a TUI, etc. — can cause kitty to execute attacker-supplied Python inside the running kitty process, with the user's full privileges. There is no approval prompt, no remote-control permission requirement, no shell-integration interaction, no clipboard touch, and no editor interaction. Version 0.47.0 fixes the issue.
Published: 2026-06-12
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Kitty, a cross‑platform GPU terminal, had a flaw that let an attacker who could write bytes to the terminal inject Python code that would run inside the kitty process with the user’s privileges. The vulnerability is a code‑injection flaw (CWE‑94) combined with missing authorization checks (CWE‑862). It allows the attacker to read, modify, or delete any data accessible to the local user and potentially launch further attacks against the system.

Affected Systems

The affected product is Kitty (kovidgoyal:kitty). All releases prior to version 0.47.0 are vulnerable. The flaw can be triggered when kitty is used over a remote SSH session, when a file is displayed with cat, within email bodies rendered by less, in TUI issue bodies, or any context where external data can be written to the terminal.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity, but the EPSS score of less than 1 % shows a low probability of exploitation in the wild. The vulnerability is not listed in CISA’s KEV catalogue, and the attack requires the attacker to have the ability to write arbitrary bytes to a running kitty process, which is a local privilege scenario. Once triggered, it provides full user‑level code execution inside the running terminal with no user confirmation or remote‑control permission needed.

Generated by OpenCVE AI on June 12, 2026 at 21:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official update to Kitty 0.47.0 or newer, which removes the vulnerable code path.
  • Restart any services or sessions that use Kitty so that the updated binary is loaded.
  • Audit and restrict any applications that have the ability to write data to a Kitty terminal to minimise the local attack surface.

Generated by OpenCVE AI on June 12, 2026 at 21:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 12 Jun 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Kovidgoyal
Kovidgoyal kitty
Vendors & Products Kovidgoyal
Kovidgoyal kitty

Fri, 12 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with `cat`, a log line, an email body rendered in `less`, an issue body in a TUI, etc. — can cause kitty to execute attacker-supplied Python inside the running kitty process, with the user's full privileges. There is no approval prompt, no remote-control permission requirement, no shell-integration interaction, no clipboard touch, and no editor interaction. Version 0.47.0 fixes the issue.
Title @kitty-edit DCS + --color=geninclude vulnerable to Unauthenticated in-process RCE
Weaknesses CWE-862
CWE-94
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Kovidgoyal Kitty
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-12T20:00:23.386Z

Reserved: 2026-04-30T16:44:48.378Z

Link: CVE-2026-42851

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-12T20:16:45.420

Modified: 2026-06-12T20:16:45.420

Link: CVE-2026-42851

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-12T22:00:20Z

Weaknesses
  • CWE-862

    Missing Authorization

  • CWE-94

    Improper Control of Generation of Code ('Code Injection')