Byte Open Security

(ByteOS Network)

iTerm2

Source -

CNA

CNA CVEs - 3
ADP CVEs - 0
CISA CVEs - 0
NVD CVEs - 0
3 Vulnerabilities found

CVE-2026-41253
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 0.26%
7 Day CHG~0.00%
Published-18 Apr, 2026 | 05:27
Updated-18 Apr, 2026 | 06:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory contains a malicious file whose name is valid output from the conductor encoding path, such as a pathname with an initial ace/c+ substring, aka "hypothetical in-band signaling abuse." This occurs because iTerm2 accepts the SSH conductor protocol from terminal output that does not originate from a legitimate conductor session.

Action-Not Available
Vendor-iTerm2
Product-iTerm2
CWE ID-CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CVE-2025-22275
Assigner-MITRE Corporation
CVSS Score-9.3||CRITICAL
EPSS-0.10% / 26.70%
7 Day CHG~0.00%
Published-03 Jan, 2025 | 00:00
Updated-20 Jun, 2025 | 18:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. This can occur for certain it2ssh and SSH Integration configurations, during remote logins to hosts that have a common Python installation.

Action-Not Available
Vendor-iterm2, iTerm2
Product-iterm2, iTerm2
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2019-9535
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-1.40% / 80.45%
7 Day CHG~0.00%
Published-09 Oct, 2019 | 19:15
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iTerm2, up to and including version 3.3.5, with tmux integration is vulnerable to remote command execution

A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5. This vulnerability may allow an attacker to execute arbitrary commands on their victim's computer by providing malicious output to the terminal. It could be exploited using command-line utilities that print attacker-controlled content.

Action-Not Available
Vendor-iterm2, iTerm2
Product-iterm2, iTerm2
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')