{"vulnerability": "cve-2026-4536", "sightings": [{"uuid": "b1ce932a-01b5-487c-9053-1ea01697f1be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-4536", "type": "seen", "source": "https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-4536", "content": "", "creation_timestamp": "2026-03-22T04:16:19.000000Z"}, {"uuid": "b9a7eb50-4da5-4301-9422-49cf31f21d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4536", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mhmw2fctyk24", "content": "", "creation_timestamp": "2026-03-22T06:26:48.673611Z"}, {"uuid": "cb266971-af70-4ec6-88a3-67982f421e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4536", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mhmx2noybu2s", "content": "", "creation_timestamp": "2026-03-22T06:44:50.819492Z"}, {"uuid": "3bed45a7-2c30-46fe-8837-c81400ee08dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45369", "type": "published-proof-of-concept", "source": "https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-33p6-5jxp-p3x4", "content": "", "creation_timestamp": "2026-05-10T11:59:32.000000Z"}, {"uuid": "6e8d5c9c-829a-43e2-bef4-e15769e9417a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45369", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mluafm52ux2q", "content": "CVE-2026-45369 - python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol\nCVE ID : CVE-2026-45369\n \n Published : May 14, 2026, 9:16 p.m. | 2\u00a0hours, 17\u00a0minutes ago\n \n Description : python-utcp is the python implementation of UTCP. Prior...", "creation_timestamp": "2026-05-15T02:01:26.588024Z"}, {"uuid": "1aa95318-5231-43fe-86cd-d41be44d2b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45369", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mlugqvo6dx2e", "content": "\ud83d\udfe0 CVE-2026-45369 - High (8.3)\n\npython-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args metho...\n\nhttps://www.thehackerwire.com/vulnerability/CVE-2026-45369/\n\n#infosec #cybersecurity #CVE #vulnerability #security #patchstack", "creation_timestamp": "2026-05-15T03:57:20.807439Z"}, {"uuid": "f8e220ef-7f26-424c-867a-e571e5c8650b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45365", "type": "published-proof-of-concept", "source": "https://github.com/open-webui/open-webui/security/advisories/GHSA-v6qf-75pr-p96m", "content": "", "creation_timestamp": "2026-05-10T11:15:24.000000Z"}, {"uuid": "aa5d992c-afa0-412d-938d-77fca994c98c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45369", "type": "seen", "source": "https://gist.github.com/alon710/b6fd947590993b5b0ed338c431321ca8", "content": "# CVE-2026-45370: CVE-2026-45370: Environment Variable Leak in python-utcp CLI Subprocesses\n\n> **CVSS Score:** 7.7\n> **Published:** 2026-05-14\n> **Full Report:** https://cvereports.com/reports/CVE-2026-45370\n\n## Summary\nThe python-utcp library improperly exposes the host application's full environment variables to spawned subprocesses via os.environ.copy(). When combined with an existing command injection flaw, attackers can exfiltrate all host secrets in a single request.\n\n## TL;DR\npython-utcp prior to version 1.1.3 improperly exposes process-level environment variables to CLI subprocesses, enabling secret exfiltration when chained with command injection vulnerabilities.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-526\n- **CVSS Score**: 7.7 (High)\n- **Attack Vector**: Network\n- **Impact**: High Confidentiality Loss\n- **Affected Component**: cli_communication_protocol.py\n- **Related CVE**: CVE-2026-45369\n\n## Affected Systems\n\n- python-utcp\n- Universal Tool Calling Protocol (UTCP) CLI applications\n- **python-utcp**: < 1.1.3 (Fixed in: `1.1.3`)\n\n## Mitigation\n\n- Upgrade the python-utcp library to version 1.1.3 or higher.\n- Override the _prepare_environment() function to return an explicit allowlist of environment variables.\n- Implement defense-in-depth by adopting short-lived, scoped credentials instead of permanent environment variables.\n- Monitor subprocess creation logs for suspicious shell commands or arguments.\n\n**Remediation Steps:**\n1. Identify all deployments utilizing the python-utcp package.\n2. Update requirements.txt or pipfile to mandate python-utcp >= 1.1.3.\n3. Restart the application to ensure the patched library is loaded into memory.\n4. If compromise is suspected, immediately rotate all secrets, API keys, and database credentials previously stored in the host environment.\n\n## References\n\n- [GitHub Advisory: GHSA-5v57-8rxj-3p2r](https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-5v57-8rxj-3p2r)\n- [GitHub Advisory: GHSA-33p6-5jxp-p3x4](https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-33p6-5jxp-p3x4)\n- [NVD Vulnerability Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-45370)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-45370)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-45370) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-14T22:10:29.000000Z"}, {"uuid": "3fdcd5c2-bd3a-4cda-acee-f207b5be2c8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45369", "type": "seen", "source": "https://gist.github.com/alon710/f627229667d4bc68a14db2ecccec0ef9", "content": "# CVE-2026-45369: CVE-2026-45369: OS Command Injection in python-utcp CLI Protocol\n\n> **CVSS Score:** 10.0\n> **Published:** 2026-05-14\n> **Full Report:** https://cvereports.com/reports/CVE-2026-45369\n\n## Summary\nCVE-2026-45369 is a critical OS command injection vulnerability in the python-utcp library resulting from unsafe argument substitution in the CLI communication protocol. Unauthenticated attackers can execute arbitrary shell commands via specially crafted tool arguments.\n\n## TL;DR\nA command injection flaw in python-utcp's CLI protocol allows attackers to execute arbitrary commands by supplying unescaped shell arguments during tool invocation.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE**: CWE-78: OS Command Injection\n- **Attack Vector**: Network\n- **CVSS Score**: 10.0 (Critical)\n- **Impact**: Remote Code Execution\n- **Exploit Status**: Proof of Concept Available\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Linux\n- macOS\n- Windows\n- **python-utcp (utcp-cli)**: < 1.1.2 (Fixed in: `1.1.2`)\n\n## Mitigation\n\n- Upgrade `utcp-cli` to version 1.1.2 or higher.\n- Implement strict input validation and allowlisting on all tool arguments.\n- Refactor tool definitions to avoid relying on multi-argument expansion from a single placeholder.\n- Run the python-utcp process in a hardened container with minimal privileges.\n\n**Remediation Steps:**\n1. Identify all deployments of `python-utcp` and `utcp-cli` within your environment.\n2. Update the dependencies via your package manager (`pip install --upgrade utcp-cli>=1.1.2`).\n3. Review existing UTCP tool configurations to ensure no single `UTCP_ARG` placeholder is used to pass multiple arguments.\n4. Restart the affected services to ensure the patched library is loaded into memory.\n5. Monitor process creation events for anomalous shell activity originating from the python service.\n\n## References\n\n- [GitHub Advisory](https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-33p6-5jxp-p3x4)\n- [Project Repository](https://github.com/universal-tool-calling-protocol/python-utcp)\n- [CVE Record](https://www.cve.org/CVERecord?id=CVE-2026-45369)\n- [NVD Record](https://nvd.nist.gov/vuln/detail/CVE-2026-45369)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-45369) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-14T22:40:29.000000Z"}, {"uuid": "ccadb69a-a196-4f0f-8ca4-a018ec7ffe61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45360", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mn5or2ktfg26", "content": "CVE-2026-45360: Apache Airflow: Arbitrary import in custom deadline-reference deserialization", "creation_timestamp": "2026-05-31T13:37:32.436951Z"}, {"uuid": "2a6e8f37-7f3b-4b6d-a5c7-22ded4d8d5f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45361", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mmuwrpmrwn2u", "content": "\ud83d\udccc CVE-2026-45361 - Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker... https://www.cyberhub.blog/cves/CVE-2026-45361", "creation_timestamp": "2026-05-28T02:07:07.303278Z"}]}