CVE-2026-25805 MEDIUM

CVE-2026-25805: Zed does not show Parameter Values for MCP Tool Calls. Users cannot detect tool poisoning.

Vendor Zed-Industries
Product zed
Weakness CWE-356
Published February 10, 2026
Last update February 10, 2026

CVSS base score

6.4/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01 Description

Zed is a multiplayer code editor. Prior to 0.219.4, Zed does not show the parameters with which a tool is being invoked when it asks the user for permission. Nor does it show, after the tool has been invoked, which parameters were used. As a result, unwanted or even malicious values could be used without the user having a chance to notice. Patched in Zed Editor 0.219.4, which includes expandable tool call details.

Key dates

02 Disclosure timeline

February 10, 2026 CVE published
February 10, 2026 Record updated