PT-2026-39674 · Zen · Zen

0Xstraw-Hat

·

Published

2026-05-11

·

Updated

2026-05-11

·

CVE-2026-44658

CVSS v3.1

2.4

Low

VectorAV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions Zen versions prior to 1.19.12b
Description In the promptForFeedUrl() function, RSS feed URLs entered by the user are validated to ensure they use http: or https: protocols. However, item links within the feed are not subject to this restriction. The provider maps each RSS/Atom item link into item.url, filtering only for presence and date. Subsequently, the live-folder manager creates pinned lazy tabs using these values via gBrowser.addTrustedTab(item.url, ...), which can lead to the execution of unauthorized protocols.
Recommendations Update to version 1.19.12b.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-44658
GHSA-CC9C-MMMF-C5J6

Affected Products

Zen