Security Advisory

CVE-2026-2256

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-02 20:09:11

Last updated 2026-03-03 20:07:24

Assigner certcc

State PUBLISHED

Description

A command injection vulnerability in ModelScopes ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

← Browse all CVEs View on cve.org ↗