PT-2026-51386 · Tera+1

Published 2026-06-22 · Updated 2026-06-22 · CVE-2026-33646

CVSS v3.1: 9.6 Critical
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: mise versions prior to 2026.3.10

Description: mise processes .tool-versions files using the Tera template engine, which has a registered exec() function that allows arbitrary command execution. In the default non-paranoid mode, .tool-versions files do not undergo trust verification, unlike .mise.toml files. This allows an attacker to place in a repository a malicious .tool-versions file containing Tera template syntax. When a user with mise activated enters the directory, the shell hook automatically parses the file and silently executes the commands passed to exec(), without any trust prompt or warning. The commands run with the full privileges and environment of the current user, potentially exposing sensitive data such as API keys, tokens, and SSH agent sockets.

Recommendations: Update to mise version 2026.3.10. As a temporary mitigation, enable paranoid mode in the settings so that trust checks are performed on all configuration files.
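A defender-side check for the condition described above, added here as an example and not code from mise or from the advisory: it scans .tool-versions files for Tera template delimiters (`{{`, `{%`, `{#`) and flags lines that invoke exec(), which is the case the advisory names. Plain `plugin version` entries never contain these delimiters, so any hit is worth a trust review before the directory is entered with mise activated. The sample file content is constructed.

```python
"""Flag .tool-versions files that carry Tera template syntax before mise parses them."""
import os
import re
from typing import List, Optional, Tuple

# Tera expression, statement and comment delimiters; a legitimate
# ".tool-versions" entry is just "<plugin> <version>" and has none of them.
TEMPLATE_MARKERS = re.compile(r"\{\{|\{%|\{#")
# The registered exec() function the advisory describes.
EXEC_CALL = re.compile(r"\bexec\s*\(")


def classify_line(line: str) -> Optional[str]:
    """Return 'exec' for template syntax that calls exec(), 'template' for any
    other Tera delimiter, or None for a plain plugin/version entry."""
    if not TEMPLATE_MARKERS.search(line):
        return None
    return "exec" if EXEC_CALL.search(line) else "template"


def scan_text(text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, kind, stripped line) for every suspicious line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        kind = classify_line(line)
        if kind:
            findings.append((lineno, kind, line.strip()))
    return findings


def scan_tree(root: str) -> dict:
    """Walk a checkout and map each .tool-versions path to its findings."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        if ".tool-versions" in files:
            path = os.path.join(dirpath, ".tool-versions")
            with open(path, encoding="utf-8", errors="replace") as fh:
                findings = scan_text(fh.read())
            if findings:
                results[path] = findings
    return results


# Constructed sample: two normal entries and one line smuggling template syntax.
SAMPLE = 'nodejs 20.11.0\npython 3.12.2\nruby {{ exec(command="echo 3.3.0") }}\n'

if __name__ == "__main__":
    for lineno, kind, line in scan_text(SAMPLE):
        print(f"line {lineno}: {kind}: {line}")
```

Run `scan_tree(".")` over a freshly cloned repository before changing into it; an empty result means no .tool-versions file contains template delimiters.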


Related Identifiers

CVE-2026-33646
GHSA-FJJ5-V948-WHJJ

Affected Products

Tera
Mise