Terminal Microsoft Terminal

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Terminal.

Recent Microsoft Terminal Security Advisories

Advisory Title Published
CVE-2026-54124 CVE-2026-54124 Windows Terminal Remote Code Execution Vulnerability July 14, 2026
CVE-2026-52859 CVE-2026-52859 Vim: Out-of-bounds Read in Terminal Screen Snapshot June 13, 2026
CVE-2026-45803 CVE-2026-45803 gh: GitHub Actions log output in `gh run view` allows terminal escape sequence injection May 21, 2026
CVE-2026-28420 CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal March 1, 2026
CVE-2022-28391 CVE-2022-28391 BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively the attacker could choose to change the terminal's colors. January 1, 2026
CVE-2016-2781 CVE-2016-2781 chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer. January 1, 2026
CVE-2025-46394 CVE-2025-46394 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. December 7, 2025
CVE-2024-58251 CVE-2024-58251 In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim. December 7, 2025
CVE-2022-44702 Windows Terminal Remote Code Execution Vulnerability December 13, 2022

By the Year

In 2026 there have been 1 vulnerability in Microsoft Terminal with an average score of 7.8 out of ten. Terminal did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.

Year Vulnerabilities Average Score
2026 1 7.80
2025 0 0.00
2024 0 0.00
2023 0 0.00
2022 1 7.80

It may take a day or so for new Terminal vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Terminal Security Vulnerabilities

Jul 2026: Windows Terminal Remote Code Execution Vulnerability
CVE-2026-54124 7.8 - High - July 14, 2026

Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

Dec 2022: Windows Terminal Remote Code Execution Vulnerability
CVE-2022-44702 7.8 - High - December 13, 2022

Windows Terminal Remote Code Execution Vulnerability

Code Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Terminal or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe