CVE-2026-25807HIGH 8.8EPSS p45.9%

CVE-2026-25807CVE-2026-25807

Description

ZAI Shell is an autonomous SysOps agent designed to navigate, repair, and secure complex environments. Prior to 9.0.3, the P2P terminal sharing feature (share start) opens a TCP socket on port 5757 without any authentication mechanism. Any remote attacker can connect to this port using a simple socket script. An attacker who connects to a ZAI-Shell P2P session running in --no-ai mode can send arbitrary system commands. If the host user approves the command without reviewing its contents, the command executes directly with the user's privileges, bypassing all Sentinel safety checks. This vulnerability is fixed in 9.0.3.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS0.64% probability of exploitation · percentile 45.9% · 2026-06-19T12:03:05Z
Published2026-02-09
Last modified2026-02-24

Underlying weaknesses· 1

CWE-94

References

  1. https://github.com/TaklaXBR/zai-shell/commit/a4ea8525d912f55d6e2f09b2869966c52d189a4a
  2. https://github.com/TaklaXBR/zai-shell/releases/tag/v9.0.3
  3. https://github.com/TaklaXBR/zai-shell/security/advisories/GHSA-6pjj-r955-34rr

1

TypeTargetConfidenceTier
WeaknessImproper Control of Generation of Code ('Code Injection')cwe-940%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-49188
CVE
CVE-2025-53868
CVE
CVE-2025-59815
CVE
CVE-2025-25269
CVE
CVE-2025-54816
CVE
CVE-2025-67511
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.