Product

Electerm (>= 3.0.6, <= 3.8.8)

1 brief RSS

Electerm Local Code Execution via Single-Instance Socket (CVE-2026-45353)

Electerm versions 3.0.6 through 3.8.8 are vulnerable to local code execution (CVE-2026-45353) where a same-user process can send a JSON payload to the application's single-instance socket/pipe, leading to arbitrary tab creation and local process spawning.

electerm local code execution vulnerability

2r 1t 43m ago