
CVE-2026-45369: OS Command Injection in python-utcp CLI Protocol

DEV Community·CVE Reports·18 days ago

Vulnerability ID: CVE-2026-45369
CVSS Score: 10.0
Published: 2026-05-14

CVE-2026-45369 is a critical OS command injection vulnerability in the python-utcp library resulting from unsafe argument substitution in the CLI communication protocol. Unauthenticated attackers can execute arbitrary shell commands via specially crafted tool arguments.

TL;DR

A command injection flaw in python-utcp's CLI protocol allows attackers to execute arbitrary commands by supplying unescaped shell arguments during tool invocation.

⚠️ Exploit Status: POC

Technical Details

CWE: CWE-78: OS Command Injection
Attack Vector: Network
CVSS Score: 10.0 (Critical)
Impact: Remote Code Execution
Exploit Status: Proof of Concept Available
KEV Status: Not Listed

Affected Systems

Linux
macOS
Windows
python-utcp (utcp-cli): < 1.1.2 (Fixed in: 1.1.2)

Mitigation Strategies

Upgrade utcp-cli to version 1.1.2 or higher.…
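The unsafe substitution pattern described above, next to two hardened forms, as an added example that is not python-utcp's code or part of the original report. The `{name}` placeholder syntax, the template and all function names are hypothetical; the crafted argument is constructed and only runs a harmless `echo` marker.

```python
import re
import shlex
import subprocess

# Hypothetical command template. The {name} placeholder syntax is an assumption
# made for this example, not python-utcp's actual format.
TEMPLATE = "echo looking up {host}"
PLACEHOLDER = re.compile(r"\{(\w+)\}")


def render_unsafe(template, args):
    """Vulnerable pattern: raw string substitution into a shell command line."""
    return PLACEHOLDER.sub(lambda m: str(args[m.group(1)]), template)


def render_quoted(template, args):
    """Hardened: each value is quoted as a single shell word (POSIX shells only)."""
    return PLACEHOLDER.sub(lambda m: shlex.quote(str(args[m.group(1)])), template)


def run_shell(command_line):
    """Run through /bin/sh, as a CLI-style tool runner might, and return stdout."""
    return subprocess.run(["/bin/sh", "-c", command_line],
                          capture_output=True, text=True, check=True).stdout


def run_argv(template, args):
    """No shell at all: split the template into tokens first, then substitute."""
    argv = [PLACEHOLDER.sub(lambda m: str(args[m.group(1)]), token)
            for token in shlex.split(template)]
    return subprocess.run(argv, capture_output=True, text=True, check=True).stdout


# Constructed tool argument: the text after ';' is a harmless marker command.
CRAFTED = {"host": "example.test; echo INJECTED"}

if __name__ == "__main__":
    # Unsafe: the shell sees two commands, so the marker runs on its own line.
    print(run_shell(render_unsafe(TEMPLATE, CRAFTED)), end="")
    # Quoted: one command, the whole value is passed as a literal argument.
    print(run_shell(render_quoted(TEMPLATE, CRAFTED)), end="")
    # argv: same result without involving a shell parser.
    print(run_argv(TEMPLATE, CRAFTED), end="")
```

A useful regression check when validating an upgrade is that tool arguments containing shell metacharacters come back as literal text, as in the last two calls.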
