CVE-2026-9565

MEDIUM NVD

CVSS Score 6.3

Severity MEDIUM

Published May 26, 2026

Vendor unknown

Description

A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function is_dangerous of the file apps/runtime/src-tauri/src/agent/tools/bash.rs of the component Blacklist Handler. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.

References

https://github.com/haojing8312/WorkClaw/
https://github.com/haojing8312/WorkClaw/issues/4
https://vuldb.com/submit/815713
https://vuldb.com/vuln/365627
https://vuldb.com/vuln/365627/cti