This page lists publicly disclosed CVE vulnerabilities affecting rxvt-unicode_project rxvt-unicode (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-4170 | The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. | [email protected] | 9.8 | 2.06% | 2022-12-09 | 2026-06-17 |
| CVE-2021-33477 | rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of certain escape sequences (ESC G Q). A response is terminated by a newline. | [email protected] | 8.8 | 4.01% | 2021-05-20 | 2026-06-16 |