# tmux 3.6a

tmux source code

Snapshot of gominimal/pkgs commit `cd4b09dd2f492c47fba70eb1b8a8c724dabdc7e9` (pushed 2026-07-10T23:16:55.000Z).

## Install

```sh
min add tmux
```

## Direct advisories

None at this commit.

## Transitive advisories

14 advisories inherited through runtime dependencies:

- CVE-2026-4046 (HIGH) via glibc
- CVE-2026-4437 (HIGH) via glibc
- CVE-2026-4438 (MEDIUM) via glibc
- CVE-2026-5450 (CRITICAL) via glibc
- CVE-2026-5928 (HIGH) via glibc
- GHSA-2gmv-p5m7-98p6 (UNKNOWN) via libevent
- GHSA-45c6-qx49-89m8 (UNKNOWN) via libevent
- GHSA-58rx-7448-jw47 (HIGH) via libevent
- GHSA-5rgj-2c58-7jrc (MEDIUM) via libevent
- GHSA-c2pj-cg4r-88c8 (UNKNOWN) via libevent
- GHSA-cvq5-vrvr-j338 (HIGH) via libevent
- GHSA-fj29-64w6-73h6 (UNKNOWN) via libevent
- GHSA-jcwh-pvf2-73p2 (UNKNOWN) via libevent
- GHSA-q39v-w2g7-gr8j (UNKNOWN) via libevent

## Dependencies

- Build (9): base, toolchain, m4, make, perl, bison, autoconf, automake, pkgconf
- Runtime (3): glibc, ncurses, libevent

## Scorecard

| Category | Score | Band |
| --- | --- | --- |
| supply-chain | 60 | mid |
| advisories | 10 | low |
| quality | 25 | low |
| maintenance | 50 | mid |
| licence | 100 | perfect |

## Links

- Package page (HTML): https://minimal.dev/pkgs/tmux
- JSON API (floats latest): https://minimal.dev/api/pkgs/tmux.json
- SBOM (CycloneDX 1.5): https://minimal.dev/api/pkgs/tmux/sbom.json
