CVE-2026-44972
Published: 27 May 2026
Summary
CVE-2026-44972 is a medium-severity Improper Encoding or Escaping of Output (CWE-116) vulnerability. Its CVSS base score is 5.0 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Hide Artifacts (T1564); ranked at the 1.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-32534
Vulnerability details
GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject…
more
ANSI or OSC escape sequences into analyst terminals or CI logs.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Terminal escape injection in security tool output directly enables hiding artifacts in logs/terminals and impairing defensive analysis of malicious packages.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validating that output matches expected content directly mitigates failures to properly encode or escape data for its destination context.