Arbitrary Code Execution

Orval is vulnerable to Arbitrary Code Execution. The vulnerability is due to unsanitized embedding of untrusted OpenAPI fields, where attacker-controlled values in the x-enumDescriptions field are injected without proper escaping during enum generation, resulting in executable JavaScript/TypeScri...

GHSA-H526-WF6G-67JV Orval has a code injection via unsanitized x-enum-descriptions in enum generation

Impact Arbitrary code execution in environments consuming generated clients This issue is similar in nature to the recently-patched MCP vulnerability CVE-2026-22785, but affects a different code path in @orval/core that was not addressed by that fix. The vulnerability allows untrusted OpenAPI...

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the getEnumImplementation function. An attacker can execute arbitrary code in environments that consume generated clients by supplying a crafted OpenAPI specification containing malicious content in the...

CVE-2026-23947

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

CVE-2026-23947

Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions prior to 7.19.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. This issue is similar in nature to CVE-2026-22785, but affects a...

Orval security vulnerabilities

Orval is an open-source interface development tool developed by Orval. Versions of Orval from 7.10.0 to 8.0.2 contained security vulnerabilities. These vulnerabilities were caused by the x-enumDescriptions field not being properly escaped and embedded, which could allow arbitrary code to execute...