CVE-2026-9565
Gravedad CVSS v4.0:
BAJA
Tipo:
CWE-77
Neutralización incorrecta de elementos especiales usados en un comando (Inyección de comando)
Fecha de publicación:
26/05/2026
Última modificación:
26/05/2026
Descripción
*** Pendiente de traducción *** A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function is_dangerous of the file apps/runtime/src-tauri/src/agent/tools/bash.rs of the component Blacklist Handler. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Impacto
Puntuación base 4.0
2.10
Gravedad 4.0
BAJA
Puntuación base 3.x
6.30
Gravedad 3.x
MEDIA
Puntuación base 2.0
6.50
Gravedad 2.0
MEDIA



