CVE-2026-25807 PoC — ZAI Shell 代码注入漏洞

Source

https://github.com/ibrahmsql/CVE-2026-25807-Exploit

Associated Vulnerability

Title:ZAI Shell 代码注入漏洞 (CVE-2026-25807)
Description:ZAI Shell是Ömer Efe Başol (TaklaXBR)个人开发者的一个终端自主AI代理软件。 ZAI Shell 9.0.3之前版本存在代码注入漏洞，该漏洞源于P2P终端共享功能缺乏身份验证机制，可能导致任意命令执行。

Description

CVE-2026-25807  Unauthenticated Remote Code Execution via P2P Sharing in ZAI-Shell Exploit and PoC

File Snapshot


 None

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!