Every CVE whose affected-product data names Mintty Project Mintty, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-47583 — CVSS 9.8 (critical): Terminal character injection in Mintty before 3.6.3 allows code execution via unescaped output to the terminal.
CVE-2023-39726 — CVSS 9.8 (critical): An issue in Mintty v.3.6.4 and before allows a remote attacker to execute arbitrary code via crafted commands to the terminal.
CVE-2021-28848 — CVSS 7.5 (high): Mintty before 3.4.5 allows remote servers to cause a denial of service (Windows GUI hang) by telling the Mintty window to change its title…