Security Alert: High-Severity Vulnerabilities Found in Terminal Applications (CVE-2002-1898, CVE-2022-44702)

Two high-severity vulnerabilities have been flagged in terminal applications, posing a significant remote code execution risk. The first, CVE-2002-1898 (CVSS 7.2), is a legacy flaw in Apple Mac OS X 10.2's Terminal.app that allows attackers to execute arbitrary commands via malicious `telnet://` links. The second, CVE-2022-44702 (CVSS 7.8), is a more recent Windows Terminal Remote Code Execution Vulnerability. Both alerts are active for release version 1.0.94.

The vulnerabilities target core system utilities used for command-line access, a critical component for developers and system administrators. The Apple flaw exploits shell metacharacters in a URI handler, while the Windows vulnerability's exact mechanism is detailed in its NIST entry. These are not theoretical risks; they are documented CVEs with public proof-of-concept details available, making them actionable for threat actors.

This dual-platform alert underscores a persistent threat surface in foundational software. Organizations and individual users relying on these terminal versions must assess their exposure immediately. The presence of a decades-old CVE alongside a recent one highlights how legacy vulnerabilities can resurface in dependency chains or remain unpatched in older systems. Failure to address these could lead to complete system compromise, data exfiltration, or lateral movement within a network.