CVE-2026-30302
The CVE-2026-30302 entry describes an OS Command Injection in CodeRider-Kilo’s command auto-approval module. The root cause is the use of a Unix-based shell-quote parser to analyze Windows commands and improper handling of Windows CMD escape sequences (^). Attackers can craft payloads such as git...