CVE-2026-36045
Published: 27 May 2026
Summary
CVE-2026-36045 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004). The CVE ranks in the top 33.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
picoclaw versions 0.1.2 and earlier contain an OS command injection vulnerability in the ExecTool component located in pkg/tools/shell.go. The guardCommand function attempts to restrict the commands it executes by matching input against a denylist of eight regular expressions, but the denylist is incomplete and does not block every dangerous command pattern, so input that passes the guard still reaches the shell. This is CWE-78 exposure with a CVSS 3.1 score of 7.3.
An unauthenticated remote attacker can supply crafted input to the ExecTool interface and execute arbitrary operating system commands, achieving limited impacts on confidentiality, integrity, and availability without requiring user interaction or elevated privileges.
The EPSS score remains flat at 0.0274 with no material increase after disclosure, indicating limited observed exploitation interest to date. The referenced GitHub release and gist materials do not detail additional mitigations beyond the affected version tag.
EU & UK References
No EU or UK CSIRT advisories indexed for this CVE.
Vulnerability details
picoclaw v0.1.2 and earlier is vulnerable to OS command injection via the ExecTool component (pkg/tools/shell.go). The guardCommand() function attempts to restrict shell command execution using a denylist of 8 regular expressions, but the denylist is incomplete.
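The weakness described in both the deeper analysis and the vulnerability details above is structural: a denylist of regular expressions has to anticipate every shell construct, and any pattern it misses is a bypass. The usual fix is to invert the model: accept only an allowlisted program, constrain each argument to a conservative character set, and hand the resulting argv to the kernel directly rather than through a shell. The Go code below is an added illustration of that defensive pattern; it is not picoclaw's code, and the allowlisted programs, the argument regex and the function names (ParseAllowlisted, Run) are assumptions chosen for the example.

```go
package main

import (
	"errors"
	"fmt"
	"os/exec"
	"regexp"
	"strings"
)

// allowedPrograms is a hypothetical allowlist for an agent exec tool.
// Anything not listed here is rejected outright, so there is no need to
// enumerate dangerous commands or shell syntax.
var allowedPrograms = map[string]bool{
	"ls":   true,
	"cat":  true,
	"grep": true,
}

// safeArg is the only character set an argument may contain. Shell
// metacharacters (;, |, &, $, backtick, quotes, parentheses, redirects)
// are simply outside the set, so they never have to be listed individually.
var safeArg = regexp.MustCompile(`^[A-Za-z0-9_./-]+$`)

// ErrRejected wraps every rejection so callers can test for it with errors.Is.
var ErrRejected = errors.New("command rejected by allowlist")

// ParseAllowlisted splits a raw command line on whitespace and returns an
// argv slice only if the program is allowlisted and every argument matches
// safeArg. The returned slice is meant for exec.Command, never for "sh -c".
func ParseAllowlisted(raw string) ([]string, error) {
	fields := strings.Fields(raw)
	if len(fields) == 0 {
		return nil, ErrRejected
	}
	if !allowedPrograms[fields[0]] {
		return nil, fmt.Errorf("%w: program %q not allowlisted", ErrRejected, fields[0])
	}
	for _, arg := range fields[1:] {
		if !safeArg.MatchString(arg) {
			return nil, fmt.Errorf("%w: argument %q contains disallowed characters", ErrRejected, arg)
		}
	}
	return fields, nil
}

// Run validates the input and executes it as a plain argv. Because no shell
// is involved, even an argument that survived validation is passed literally
// to the program rather than being interpreted.
func Run(raw string) ([]byte, error) {
	argv, err := ParseAllowlisted(raw)
	if err != nil {
		return nil, err
	}
	return exec.Command(argv[0], argv[1:]...).CombinedOutput()
}

func main() {
	// Constructed sample inputs: one benign command and a few that an
	// incomplete denylist might let through but an allowlist rejects.
	for _, in := range []string{"ls -la /tmp", "cat /etc/hostname; id", "bash -c ls"} {
		argv, err := ParseAllowlisted(in)
		fmt.Printf("%-24q -> argv=%v err=%v\n", in, argv, err)
	}
}
```

The point of the example is the validation layer, not the three programs chosen: a real exec tool would also restrict paths and flags per program, but it should still never reconstruct a shell string from user input once argv has been validated.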
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
OS command injection via incomplete denylist directly enables arbitrary Unix shell command execution (T1059.004).
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.