Critical CVE-2026-43944 Exposes electerm Users to Arbitrary Code Execution via Deep Links and CLI

A critical vulnerability has been identified in electerm, an open-source terminal and remote access client supporting SSH, SFTP, telnet, serialport, RDP, VNC, Spice, and FTP protocols. Tracked as CVE-2026-2026-43944 with a CVSS score of 9.6, the flaw affects versions 3.0.6 through 3.8.14, leaving a significant number of installations exposed to arbitrary local code execution.

The vulnerability enables attackers to achieve code execution through multiple vectors: deep links, CLI --opts parameters, or crafted shortcuts. This means an adversary could potentially compromise a system by tricking a user into clicking a malicious link or executing a crafted command. The broad range of affected protocol support compounds the risk, as electerm is commonly used by developers, system administrators, and IT professionals who often operate with elevated privileges.

Security researchers and vulnerability databases have flagged the issue as requiring urgent patching. Electerm versions 3.8.15 and later address the flaw, and users of affected versions are strongly advised to update immediately. Organizations utilizing electerm in enterprise environments should assess their exposure, particularly where the tool is integrated into automated workflows or used to manage sensitive infrastructure. The high CVSS score and the availability of multiple exploitation paths make this a priority target for threat actors, underscoring the importance of timely remediation and monitoring for any suspicious activity involving the application.