{"uuid": "f7d1dc33-4584-4280-bff4-292c5ced6a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-42994", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mkrha6jb7626", "content": "Bitwarden CLI v2026.4.0 (npm, Apr 2026) faces HIGH severity OS Command Injection (CVSS 8.8). Supply chain compromise \u2014 avoid this version & check your installs. No patch yet. https://radar.offseq.com/threat/cve-2026-42994-cwe-78-improper-neutralization-of-s-70529260 #OffSeq #Bitwarden #Vuln", "creation_timestamp": "2026-05-01T06:00:30.455444Z"}