PT-2026-40120 · Unknown · Guardrails Ai

Published: 2026-05-12 · Updated: 2026-05-12 · CVE-2026-31233

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Guardrails AI versions prior to 0.6.8

Description

A code injection issue exists in the Hub package installation mechanism. When installing validator packages using the command guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script defined in the post install field. Because the script path is constructed from untrusted manifest data and executed without proper validation or sanitization, it allows for remote code execution. An attacker capable of publishing malicious packages to the Hub can inject arbitrary code that executes on any system where a victim installs the malicious package.

Recommendations

Update to version 0.6.8 or later.
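
An added example (not Guardrails AI code, and not the fix shipped in 0.6.8): one way an installer can vet a manifest-supplied post-install script path before anything is run, so that the value can only name a file inside the downloaded package. The `post_install` key, the `.py` allow-list and all function names are assumptions made for illustration.

```python
import tempfile
from pathlib import Path, PurePosixPath
from typing import Optional

ALLOWED_SUFFIXES = {".py"}  # assumption: hooks are Python files

class UnsafeManifestError(ValueError):
    """A manifest field cannot be trusted as a script path."""

def resolve_post_install(package_root: Path, manifest: dict) -> Optional[Path]:
    """Return a vetted script path inside package_root, or None if unset."""
    raw = manifest.get("post_install")  # hypothetical key name
    if raw is None:
        return None
    if not isinstance(raw, str) or not raw or "\x00" in raw or "\\" in raw:
        raise UnsafeManifestError("post_install must be a plain relative path")
    rel = PurePosixPath(raw)
    if rel.is_absolute() or ".." in rel.parts:
        raise UnsafeManifestError(f"path escapes package: {raw!r}")
    if rel.suffix not in ALLOWED_SUFFIXES:
        raise UnsafeManifestError(f"unexpected script type: {raw!r}")
    root = package_root.resolve()
    candidate = (root / rel).resolve()  # resolve() follows symlinks
    if not candidate.is_relative_to(root):
        raise UnsafeManifestError(f"resolves outside package: {raw!r}")
    if not candidate.is_file():
        raise UnsafeManifestError(f"script not in package: {raw!r}")
    return candidate

def demo() -> dict:
    """Check constructed manifest values against a throwaway package dir."""
    samples = ["scripts/post_install.py", "../outside.py",
               "/tmp/outside.py", "scripts/setup.sh", "scripts/missing.py"]
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "validator_pkg"
        (root / "scripts").mkdir(parents=True)
        (root / "scripts" / "post_install.py").write_text("print('ok')\n")
        for raw in samples:
            try:
                resolve_post_install(root, {"post_install": raw})
                results[raw] = "accepted"
            except UnsafeManifestError:
                results[raw] = "rejected"
    return results

if __name__ == "__main__":
    for value, verdict in demo().items():
        print(f"{verdict:9} {value}")
```

A check like this only constrains which file is selected; a script shipped inside a package from an untrusted publisher is still untrusted code.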

Fix

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2026-31233
GHSA-R6HF-G5X6-7PV9

Affected Products

Guardrails Ai