Skip to main content

Mintty

4 CVEs product

Monthly

CVE-2025-1052 HIGH This Week

Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE Mintty
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-39726 CRITICAL Act Now

An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Mintty
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2021-31701 HIGH This Week

Mintty before 3.4.7 mishandles Bracketed Paste Mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mintty
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-28848 HIGH PATCH This Week

Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title repeatedly at high speed, which results in many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Microsoft Denial Of Service Mintty
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
EPSS 2% CVSS 8.8
HIGH This Week

Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow RCE +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Mintty
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Mintty before 3.4.7 mishandles Bracketed Paste Mode. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mintty
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title repeatedly at high speed, which results in many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Microsoft Denial Of Service Mintty
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy