Which versions of electerm are affected by CVE-2026-43944?

electerm versions 3.0.6 through 3.8.14 contain a critical remote code execution vulnerability exploitable through phishing attacks via malicious deep links or files, requiring only user interaction…. A patch is available.

Is there a public PoC exploit available for CVE-2026-43944?

Yes, a public proof-of-concept exploit is available for CVE-2026-43944. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2026-43944?

Within 24 hours: Inventory all systems running electerm versions 3.0.6-3.8.14 and restrict user access to externally-sourced electerm:// links and shortcuts. Within 7 days: Upgrade all affected electerm installations to version 3.8.15 or later. Within 30 days: Deploy application whitelisting or endpoint controls to block unauthorized electerm process execution, and conduct security awareness training on deep-link and file-based phishing.

electerm CVE-2026-43944

Q: What is the CVSS score of CVE-2026-43944?

CVE-2026-43944 has a CVSS 4.0 base score of 9.4 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-28516 CRITICAL

Improper Input Validation (CWE-20)

2026-05-08 GitHub_M

GHSA-mpm8-cx2p-626q

RCE

9.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Patch available

May 08, 2026 - 05:31 EUVD

Source Code Evidence Fetched

May 08, 2026 - 04:32 vuln.today

Analysis Generated

May 08, 2026 - 04:32 vuln.today

CVSS changed

May 08, 2026 - 04:22 NVD

9.4 (CRITICAL)

CVE Published

May 08, 2026 - 03:08 nvd

CRITICAL 9.4

DescriptionNVD

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. From versions 3.0.6 to before 3.8.15, electerm is vulnerable to arbitrary local code execution via deep links, CLI --opts, or crafted shortcuts. Exploit requires clicking a crafted electerm://... link or opening a crafted shortcut/command that launches electerm with attacker-controlled opts. This issue has been patched in version 3.8.15.

AnalysisAI

Arbitrary local code execution in electerm (versions 3.0.6-3.8.14) allows remote attackers to execute malicious code on victim systems by tricking users into clicking crafted electerm:// deep links, opening malicious shortcuts, or running CLI commands with attacker-controlled --opts parameters. The vulnerability stems from insufficient input validation (CWE-20) on deep link and CLI arguments, enabling adversaries to inject arbitrary options that execute code with the privileges of the electerm process. …

RemediationAI

Within 24 hours: Inventory all systems running electerm versions 3.0.6-3.8.14 and restrict user access to externally-sourced electerm:// links and shortcuts. Within 7 days: Upgrade all affected electerm installations to version 3.8.15 or later. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-43944 vulnerability details – vuln.today

Back

electerm CVE-2026-43944

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

electerm CVE-2026-43944

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code