CVE-2026-55441
Published: 26 June 2026
Summary
CVE-2026-55441 is a high-severity OS Command Injection (CWE-78) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked at the 8.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-39815
Vulnerability details
mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.4, mise's trust feature gates config files (mise.toml, .tool-versions) through trust_check, but task-include files are loaded on a path that never reaches it. When a directory has a task-include dir (mise-tasks/, .mise/tasks/, …) but no config file, mise falls back to the default includes and renders each task's tera fields — and that tera environment has exec() registered. A {{ exec(command='…') }} in any rendered field runs arbitrary commands the moment the tasks are merely listed. There's no config file to gate on, so no trust prompt ever appears. Read-only commands trigger it: mise tasks, mise task ls, mise run, mise tasks --usage (the query shell completion runs on Tab). The victim only has to cd into a cloned repo and list or tab-complete a task. This vulnerability is fixed in 2026.6.4.
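As an added illustration (not part of this advisory or of the mise project's code), a small Python pre-check that flags a checkout matching the ungated condition described above: a task-include directory present, no mise.toml or .tool-versions to gate it, and tera exec() calls inside the task files. Only the config-file and directory names given above are modelled (an assumption; mise accepts others), and the sample checkout it scans is constructed.

```python
import re
import tempfile
from pathlib import Path

# Config files named in the advisory; mise also accepts other names, which
# this scanner (an assumption) does not model.
CONFIG_FILES = ("mise.toml", ".tool-versions")
# Task-include directories named in the advisory.
TASK_DIRS = ("mise-tasks", ".mise/tasks")
# A tera expression that contains an exec() call: "{{ ... exec( ... }}".
EXEC_RE = re.compile(r"\{\{[^}]*\bexec\s*\(")


def find_exec_calls(text: str) -> list[int]:
    """1-based line numbers at which a tera exec() expression starts."""
    return [text.count("\n", 0, m.start()) + 1 for m in EXEC_RE.finditer(text)]


def scan_checkout(root: Path) -> dict:
    """Report whether a checkout matches the advisory's ungated condition."""
    root = Path(root)
    has_config = any((root / name).is_file() for name in CONFIG_FILES)
    hits = []
    for rel in TASK_DIRS:
        task_dir = root / rel
        if not task_dir.is_dir():
            continue
        for path in sorted(p for p in task_dir.rglob("*") if p.is_file()):
            for line in find_exec_calls(path.read_text(errors="replace")):
                hits.append((path.relative_to(root).as_posix(), line))
    # Ungated: task files with exec() and no config file for trust_check to gate on.
    return {"has_config": has_config, "exec_calls": hits,
            "ungated": not has_config and bool(hits)}


def write_sample_checkout(root: Path, with_config: bool = False) -> None:
    """Constructed sample: a task-include dir with one exec() use in a task header."""
    task_dir = Path(root) / "mise-tasks"
    task_dir.mkdir(parents=True)
    (task_dir / "build").write_text(
        "#!/usr/bin/env bash\n"
        "#MISE description=\"build {{ exec(command='echo hi') }}\"\n"
        "echo building\n")
    (task_dir / "test").write_text("#!/usr/bin/env bash\n#MISE description=\"run tests\"\n")
    if with_config:
        (Path(root) / "mise.toml").write_text("[tools]\n")


def demo(with_config: bool = False) -> dict:
    """Build the constructed sample in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        write_sample_checkout(Path(tmp), with_config)
        return scan_checkout(Path(tmp))


if __name__ == "__main__":
    print(demo())  # {'has_config': False, 'exec_calls': [('mise-tasks/build', 2)], 'ungated': True}
```

Run it against a real checkout with scan_checkout(Path("path/to/repo")) before listing tasks; a True "ungated" result is the condition this advisory describes.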
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Direct OS command injection (CWE-78) via unsandboxed tera exec() in task rendering enables Unix shell command execution (T1059.004) on mere task listing; attack requires only cd + mise invocation, mapping to client-side exploitation for execution (T1203).
Mitigating Controls
Likely Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.
- Hardware-level immutability overrides, or renders irrelevant, incorrect permission assignments on critical executable resources.
- Input validation blocks special elements that would alter OS command execution.
- Documented procedures support proper permission assignment for critical resources.
- Attribute management for resources provides a mechanism to assign and maintain correct permissions based on security labels.
- Limiting assignments to task needs prevents overly permissive access to critical resources.
- Training policy covers correct permission assignment, reducing the ability to exploit incorrect permission assignments for critical resources.
- Training on permission management reduces incorrect permission assignments for critical resources.
Hardening callouts (derived)
Configuration rules from DISA STIG baselines that reduce the attack surface for weaknesses of the type cited by this CVE. Derived transitively via CVE→CWE→STIG over `controls_xwalks` (authoritative rows only).
Oracle Linux 8 (1 rule)
- V-248577 OL 8 must enable kernel parameters to enforce Discretionary Access Control (DAC) on symlinks. via CWE-732
Windows Server 2016 (2 rules)
- V-224972 Active Directory Group Policy objects must have proper access control permissions. via CWE-732
- V-224831 Local volumes must use a format that supports NTFS attributes. via CWE-732
Windows Server 2019 (2 rules)
- V-205663 Windows Server 2019 local volumes must use a format that supports NTFS attributes. via CWE-732
- V-205741 Windows Server 2019 Active Directory Group Policy objects must have proper access control permissions. via CWE-732
Windows Server 2022 (2 rules)
- V-254393 Windows Server 2022 Active Directory Group Policy objects must have proper access control permissions. via CWE-732
- V-254250 Windows Server 2022 local volumes must use a format that supports NTFS attributes. via CWE-732