17 matches found
CVE-2026-45369
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45370
python-utcp is the python implementation of UTCP. Prior to 1.1.3, prepareenvironment in clicommunicationprotocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single tool call. This...
CVE-2026-45369
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45369 python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45369
Summary: CVE-2026-45369 affects python-utcp prior to 1.1.3, where _substitute_utcp_args in cli_communication_protocol.py injects user-controlled tool_args directly into shell commands without sanitization, leading to potential Remote Code Execution when commands are run via /bin/bash -c (Unix) or...
CVE-2026-45369 python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45369
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...
CVE-2026-45370 python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection
python-utcp is the python implementation of UTCP. Prior to 1.1.3, prepareenvironment in clicommunicationprotocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single tool call. This...
CVE-2026-45370 python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection
python-utcp is the python implementation of UTCP. Prior to 1.1.3, prepareenvironment in clicommunicationprotocol.py passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, an attacker can exfiltrate all process-level secrets in a single tool call. This...
CVE-2026-45370
CVE-2026-45370 affects the python-utcp project. The vulnerability resides in _prepare_environment() in cli_communication_protocol.py, which before version 1.1.3 passes a full copy of os.environ to every CLI subprocess. When combined with CVE-2026-45369, this can allow an attacker to exfiltrate al...
CVE-2026-44661
CVE-2026-44661 affects python-utcp (utcp-http plugin) prior to v1.1.3. The vulnerability arises because register_manual() validates discovery URLs against an HTTPS/loopback allowlist, while call_tool()/call_tool_streaming() reuse tool_call_template.url without revalidation and the OpenAPI convert...
CVE-2026-44661 python-utcp: SSRF via attacker-controlled OpenAPI servers[0].url in HTTP communication protocol
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS /...
EUVD-2026-30479
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery SSRF caused by a trust-boundary inconsistency between manual discovery and tool invocation. registermanual validates the discovery URL against an HTTPS /...
PT-2026-41124
Name of the Vulnerable Software and Affected Versions python-utcp versions prior to 1.1.3 Description The prepare environment function in cli communication protocol.py passes a complete copy of os.environ to every CLI subprocess. This allows any environment variable in the host process, such as...
PT-2026-41123
Name of the Vulnerable Software and Affected Versions python-utcp versions prior to 1.1.3 Description The substitute utcp args function in cli communication protocol.py inserts user-controlled tool args values directly into shell command strings without sanitization or escaping. These commands ar...
CVE-2025-14542
The CVE-2025-14542 issue affects the Python UTCP client library (utcp) where the client trusts a tool’s JSON Manual from a remote Manual Endpoint. A malicious remote Manual can alter the specification to execute arbitrary commands on the client, enabling remote code execution. Remediation provide...
CVE-2025-14542 Command execution in python-utcp allows attackers to achieve remote code execution when fetching a remote Manual from a malicious endpoint
The vulnerability arises when a client fetches a tools’ JSON specification, known as a Manual, from a remote Manual Endpoint. While a provider may initially serve a benign manual e.g., one defining an HTTP tool call, earning the clients’ trust, a malicious provider can later change the manual to...