10 matches found
CVE-2026-48547
KanaDojo exposes a command injection in its release workflow. The vulnerability stems from patchNotesData.json fields version/changes being unsafely interpolated into a child_process.execSync() call within release.yml, allowing a PR with shell metacharacters to execute arbitrary commands. If a ma...
CVE-2026-48547 KanaDojo < 0.1.18 Command Injection via patchNotesData.json in release.yml
KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes fields of patchNotesData.json, which are interpolated unsanitized into a childprocess.execSync cal...
CVE-2026-48546
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...
CVE-2026-48546
KanaDojo before 0.1.18 contains a sandbox-escape RCE in the issue-auto-respond.yml workflow. The root cause is explicit passing of the global require into a Node.js vm.runInNewContext() sandbox, allowing an attacker to modify messages.cjs to import arbitrary Node.js modules and achieve remote cod...
CVE-2026-48546 KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...
CVE-2026-48546 KanaDojo < 0.1.18 Sandbox Escape RCE via messages.cjs
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...
EUVD-2026-36273
KanaDojo before 0.1.18 contains a sandbox escape vulnerability that allows an attacker to execute arbitrary code by exploiting the explicit passing of the global require function into a Node.js vm.runInNewContext sandbox context in the issue-auto-respond.yml workflow. Attackers can submit a pull...
KanaDojo 安全漏洞
KanaDojo is an attractive and customizable Japanese learning platform developed by lingdojo. Versions of KanaDojo prior to 0.18.0 contained security vulnerabilities. These vulnerabilities were caused by sandbox escape attacks, allowing attackers to execute arbitrary code by passing the global...
KanaDojo 操作系统命令注入漏洞
KanaDojo is an attractive and customizable Japanese learning platform developed by lingdojo. KanaDojo has a vulnerability related to operating system command injection. This vulnerability arises from command injection, and it could allow attackers with access to pull requests to execute arbitrary...
PT-2026-48700
Name of the Vulnerable Software and Affected Versions KanaDojo versions prior to 0.1.18 Description A sandbox escape allows remote code execution with full GitHub Actions runner privileges, including access to the AUTOMATION PR TOKEN variable. The issue occurs in the issue-auto-respond.yml workfl...