CVE-2026-27626

Name of the Vulnerable Software and Affected Versions OliveTin versions up to and including 3000.10.0

Description OliveTin, a tool designed to simplify shell command execution, has flaws in its shell command execution mechanism. The checkShellArgumentSafety function does not block the password argument type, allowing injection of shell metacharacters and arbitrary OS command execution. Additionally, webhook-extracted JSON values bypass type safety checks entirely before being passed to sh -c, leading to unauthenticated remote code execution (RCE) if the instance receives webhooks from external sources. Exploiting both vectors results in unauthenticated RCE on any OliveTin instance using Shell mode with webhook-triggered actions. The vulnerability stems from inadequate input validation and safety checks within the application. The vulnerable function is checkShellArgumentSafety. The vulnerable parameters are the password argument and webhook-extracted JSON values.

Recommendations Versions prior to 3000.10.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.