2 matches found
CVE-2026-2256
creationtimestamp| type| source ---|---|--- 2026-03-02 23:59:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg4hk5uxjl2d 2026-03-03 03:47:10+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mg4ubhkdju2w 2026-03-03 10:54:35+00:00| seen|...
CVE-2026-2256
Summary: CVE-2026-2256 affects ModelScope’s ms-agent up to version v1.6.0rc1. The root cause is improper input sanitization in the Shell tool, where a regex-based blacklist can be bypassed, enabling an attacker to run arbitrary OS commands via crafted prompt-derived input. This can lead to full s...