Modelscope · Modelscope Ms-Agent · CVE-2026-2256
**Name of the Vulnerable Software and Affected Versions**
ModelScope ms-agent versions prior to v1.6.0rc1
**Description**
A command injection issue exists in the ModelScope ms-agent framework, specifically within the Shell tool, due to improper input sanitization. The regular expression-based blacklist used to filter harmful commands is ineffective against crafted attacks. This allows an attacker to execute arbitrary operating system commands through crafted prompt-derived input or by injecting malicious content into data sources used by the agent, without requiring direct shell access. Successful exploitation can lead to full system compromise, including the exfiltration of sensitive data such as API keys and configuration files, and the modification of system configurations.
**Recommendations**
For versions prior to v1.6.0rc1, replace the blacklist filtering with stricter allowlist-based validation.
Limit the deployment of ms-agent to trusted environments where all input is considered safe and validated.
Implement sandboxes and least-privilege permissions for agents with shell execution capabilities.
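The following added example (not ms-agent code) contrasts a regex denylist with an allowlist validator of the kind the first recommendation describes. The denylist pattern, the `ALLOWED` policy, the function names and the sample commands are all constructed for illustration.

```python
import re
import shlex

# Hypothetical denylist, constructed for illustration; not ms-agent's pattern.
DENYLIST = re.compile(r"\b(rm|shutdown|reboot|mkfs)\b")

# Assumed policy: programs the agent may run and the flags each accepts.
ALLOWED = {"ls": {"-l", "-a", "-la"}, "cat": set(), "grep": {"-n", "-i"}}

# Shell syntax is refused outright: argv is meant for shell=False execution.
SHELL_META = set(";&|`$<>(){}\\\n\r")


def denylist_allows(command: str) -> bool:
    """Denylist logic: anything not matching a known-bad word passes."""
    return DENYLIST.search(command) is None


def allowlist_argv(command: str):
    """Return argv for subprocess.run(argv, shell=False), or None if refused."""
    if SHELL_META & set(command):
        return None
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes
        return None
    if not argv or argv[0] not in ALLOWED:
        return None
    for arg in argv[1:]:
        if arg.startswith("-"):
            if arg not in ALLOWED[argv[0]]:
                return None
        elif arg.startswith("/") or ".." in arg.split("/"):
            return None  # operands must stay under the working directory
    return argv


# Constructed sample inputs standing in for prompt-derived tool arguments.
SAMPLES = ["ls -la", "grep -n TODO main.py", "ls; id", "cat `hostname`",
           "python3 -c pass", "cat ../config.env", "cat /etc/hostname"]


def compare():
    """(command, denylist verdict, allowlist verdict) for every sample."""
    return [(c, denylist_allows(c), allowlist_argv(c) is not None) for c in SAMPLES]


if __name__ == "__main__":
    for cmd, deny_ok, allow_ok in compare():
        print(f"{cmd!r:26} denylist={deny_ok!s:5} allowlist={allow_ok}")
```

The denylist passes every sample because none contains a listed word, while the allowlist accepts only the first two. An allowed program can still read files it has access to, so the sandboxing and least-privilege recommendations apply alongside this check.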