2 matches found
CVE-2026-30305
Syntx's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it...
CVE-2026-30305
The CVE-2026-30305 issue affects Syntx’s command auto-approval module. The vulnerability arises from fragile regular expressions used to parse commands, which fail to handle Shell command substitution syntax (e.g., $(...) and backticks). An attacker can craft a command such as git log --grep="$(m...