CVE-2026-25807

Name of the Vulnerable Software and Affected Versions ZAI Shell versions prior to 9.0.3

Description ZAI Shell, an autonomous SysOps agent, has an issue in its P2P terminal sharing feature (share start). Before version 9.0.3, this feature opens a TCP socket on port 5757 without authentication. A remote attacker connecting to this port can send arbitrary system commands. If the host user approves these commands without review, they execute with the user's privileges, bypassing Sentinel safety checks. The vulnerable component is the P2P terminal sharing feature, specifically the 'share start' functionality. The affected API endpoint is a TCP socket on port 5757. The vulnerable parameter is the system command sent through the socket.

Recommendations Update to version 9.0.3 or later.