CVE-2026-2256 - Vulnerability Analysis
N/aLast Updated: March 2, 2026
ModelScope ms-agent - Command Injection
Published: March 2, 2026Updated: March 2, 2026PoC Available
Overview
ModelScope ms-agent <= v1.6.0rc1 contains a command injection caused by crafted prompt-derived input, letting attackers execute arbitrary operating system commands remotely, exploit requires crafted input.
Severity & Score
Severity: N/a
Impact
Attackers can execute arbitrary operating system commands, potentially leading to full system compromise.
Mitigation
Update to the latest version beyond v1.6.0rc1.
References
- https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC
- https://github.com/modelscope/ms-agent
- https://medium.com/@itamar.yochpaz/cve-2026-2256-from-ai-prompt-to-full-system-compromise-a4114c718326
- https://www.hiddenlayer.com/research/indirect-prompt-injection-of-claude-computer-use
- https://www.kb.cert.org/vuls/id/431821
Related Resources
Details
- CVE ID
- CVE-2026-2256
- Severity
- N/a
- Type
- command_injection
- Status
- new
CVSS Metrics
N/A