Lucene search
+L

66 matches found

RedhatCVE
RedhatCVE
added 2026/01/21 12:30 a.m.9 views

CVE-2026-23947

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.8CVSS6.3AI score0.0075EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.4 views

PT-2026-5442

Name of the Vulnerable Software and Affected Versions Orval versions 7.19.0 through 7.20.9 Orval versions 8.0.0 through 8.1.9 Description Orval, a tool that generates type-safe JavaScript clients from OpenAPI specifications, is affected by a code injection issue. The jsStringEscape function does...

9.8CVSS6.4AI score0.0075EPSS
Exploits1References22
vulnersOsv
vulnersOsv
added 2026/01/20 1:46 a.m.8 views

@orval/angular (>=8.0.0 <=8.0.1), @orval/axios (>=8.0.0 <=8.0.1) +9 more potentially affected by CVE-2026-23947 via @orval/core (>=8.0.0-rc.0 <=8.0.1)

@orval/core NPM version =8.0.0-rc.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.1 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...

9.8CVSS5.8AI score0.0075EPSS
Exploits1
Snyk
Snyk
added 2026/01/20 1:46 a.m.6 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the getEnumImplementation function. An attacker can execute arbitrary code in environments that consume generated clients by supplying a crafted OpenAPI specification containing malicious content in the...

9.8CVSS6.1AI score0.0075EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/01/20 1:46 a.m.8 views

@beshkenadze/orval-mcp (=7.11.2-fix.2), @orval/angular (>=7.10.0 <=7.18.0) +11 more potentially affected by CVE-2026-23947 via @orval/core (>=7.10.0 <=7.18.0)

@orval/core NPM version =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =1.0.1, =7.10.0, =7.10.0, =7.13.2 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...

9.8CVSS5.8AI score0.0075EPSS
Exploits1
NVD
NVD
added 2026/01/20 1:15 a.m.6 views

CVE-2026-23947

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.8CVSS0.0075EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/01/20 12:19 a.m.2 views

CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.3CVSS6.3AI score0.0075EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 12:19 a.m.6 views

CVE-2026-23947

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.3CVSS6.3AI score0.0075EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2026/01/20 12:19 a.m.22 views

CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.3CVSS0.0075EPSS
Exploits1References2
CVE
CVE
added 2026/01/20 12:19 a.m.47 views

CVE-2026-23947

CVE-2026-23947 / CVE-2026-25141 affect Orval’s OpenAPI JS client generator. Vulnerable in versions prior to 7.21.0 (and 8.2.0) with incomplete/patchy fixes; an attacker can inject arbitrary code via x-enumDescriptions during const enum generation, leading to code execution in generated clients. T...

9.8CVSS6.3AI score0.0075EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/01/20 12:19 a.m.5 views

CVE-2026-23947 Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

9.3CVSS6.4AI score0.0075EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.11 views

Orval security vulnerabilities

Orval is an open-source interface development tool developed by Orval. Versions of Orval from 7.10.0 to 8.0.2 contained security vulnerabilities. These vulnerabilities were caused by the x-enumDescriptions field not being properly escaped and embedded, which could allow arbitrary code to execute...

9.8CVSS6.1AI score0.0075EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.6 views

PT-2026-3522

Name of the Vulnerable Software and Affected Versions Orval versions 7.10.0 through 8.0.2 Description Orval, a tool for generating type-safe JavaScript clients from OpenAPI specifications, is affected by an arbitrary code execution issue. Untrusted OpenAPI specifications can inject arbitrary...

9.3CVSS6.1AI score0.0075EPSS
Exploits1References16
GithubExploit
GithubExploit
added 2026/01/17 9:7 a.m.231 views

Exploit for CVE-2026-22785

CVE-2026-22785 Reproducing Tutorial Vulnerability Overview...

9.3CVSS5.8AI score0.00709EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.8 views

CVE-2026-22785

orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allo...

9.8CVSS6.9AI score0.00709EPSS
Exploits2References1
vulnersOsv
vulnersOsv
added 2026/01/13 7:12 p.m.6 views

d2m-apigen (>=1.0.1 <=2.1.7), orval (>=7.10.0 <=7.17.2) +1 more potentially affected by CVE-2026-22785 via @orval/mcp (>=7.10.0 <=7.17.2)

@orval/mcp NPM version =7.10.0, =1.0.1, =7.10.0, =7.10.0, =7.13.2 Source cves: CVE-2026-22785 Source advisory: SNYK:JS-ORVALMCP-14928070...

9.8CVSS5.8AI score0.00709EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/01/13 7:12 p.m.5 views

d2m-apigen (>=1.0.1 <=2.1.7), orval (>=7.10.0 <=7.17.2) +1 more potentially affected by CVE-2026-22785 via @orval/mcp (>=7.10.0 <=7.17.2)

@orval/mcp NPM version =7.10.0, =1.0.1, =7.10.0, =7.10.0, =7.13.2 Source cves: CVE-2026-22785 Source advisory: OSV:GHSA-MWR6-3GP8-9JMJ...

9.8CVSS5.8AI score0.00709EPSS
Exploits2
EUVD
EUVD
added 2026/01/13 7:12 p.m.6 views

EUVD-2026-2002

orval MCP client is vulnerable to a code injection attack...

9.3CVSS6.9AI score0.00709EPSS
Exploits2References3
Github Security Blog
Github Security Blog
added 2026/01/13 7:12 p.m.14 views

orval MCP client is vulnerable to a code injection attack.

Impact The MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allows an attacker to "break out" of the string literal and inject arbitrary code. Here is an example OpenAPI with th...

9.8CVSS6.9AI score0.00709EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2026/01/12 7:16 p.m.8 views

CVE-2026-22785

orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allo...

9.8CVSS0.00709EPSS
Exploits2References2
Rows per page
Query Builder