PT-2026-51641 · Mise · Mise

Published

2026-06-23

·

Updated

2026-06-26

·

CVE-2026-55448

CVSS v3.1

6.3

Medium

Vector

AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions

mise versions 2026.3.15 through 2026.6.3
Description

mise loads the github.credential_command setting from local project configuration files (.mise.toml) before any trust decision is made. When resolving a GitHub token, it executes the value of this setting with sh -c inside the get_credential_command_token() function. An attacker who can place a .mise.toml file in a repository can therefore execute arbitrary shell commands on a victim's system when the victim runs a GitHub-related mise command in that repository and no higher-priority GitHub token environment variable is set. The execution path is Settings::try_get() preloading settings and parse_settings_file() returning them without verifying that the local file is trusted.
Recommendations

Update mise to version 2026.6.4. As a temporary workaround, avoid running mise commands in repositories containing untrusted .mise.toml files, or set a high-priority GitHub token environment variable so that mise never falls back to the github.credential_command setting. Note that the workaround only holds while that variable is set; it does not remove the untrusted setting from the configuration.
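The following Rust program is an added illustration of the bug class described above; it is not mise's own code. It models the two loader shapes (settings returned before the trust check versus settings gated on trust) and the token-resolution order the advisory describes (environment variables first, credential command under sh -c only as a fallback). The struct and function names, the TrustStore type, the environment variable names MISE_GITHUB_TOKEN and GITHUB_TOKEN, the file path and the simplified settings reader are all assumptions made for the example; the real project uses a full TOML parser and its own trust bookkeeping.

```rust
use std::collections::{HashMap, HashSet};
use std::path::{Path, PathBuf};
use std::process::Command;

/// Hypothetical, reduced settings struct: only the setting this advisory concerns.
#[derive(Debug, Default, Clone, PartialEq)]
pub struct Settings {
    pub github_credential_command: Option<String>,
}

/// Minimal line-oriented reader for a .mise.toml fragment of the form
/// `[settings]` followed by `github.credential_command = "..."`.
/// It stands in for the real TOML parser; it is not a TOML implementation.
pub fn parse_settings_fragment(contents: &str) -> Settings {
    let mut s = Settings::default();
    let mut in_settings = false;
    for raw in contents.lines() {
        let line = raw.trim();
        if line.starts_with('[') {
            in_settings = line == "[settings]";
            continue;
        }
        if !in_settings {
            continue;
        }
        if let Some((k, v)) = line.split_once('=') {
            if k.trim() == "github.credential_command" {
                s.github_credential_command = Some(v.trim().trim_matches('"').to_string());
            }
        }
    }
    s
}

/// Hypothetical trust store: the set of config file paths the user has explicitly trusted.
pub struct TrustStore {
    trusted: HashSet<PathBuf>,
}

impl TrustStore {
    pub fn new<I: IntoIterator<Item = PathBuf>>(paths: I) -> Self {
        Self { trusted: paths.into_iter().collect() }
    }
    pub fn is_trusted(&self, p: &Path) -> bool {
        self.trusted.contains(p)
    }
}

/// Vulnerable shape: the project file's settings are parsed and returned before
/// anyone asks whether that file is trusted, so the credential command is live.
pub fn load_local_settings_vulnerable(_path: &Path, contents: &str, _trust: &TrustStore) -> Settings {
    parse_settings_fragment(contents)
}

/// Hardened shape: settings from a project file are discarded unless the file is trusted.
pub fn load_local_settings_hardened(path: &Path, contents: &str, trust: &TrustStore) -> Settings {
    if trust.is_trusted(path) {
        parse_settings_fragment(contents)
    } else {
        Settings::default()
    }
}

/// Assumed names for the higher-priority token variables (not taken from the advisory).
pub const TOKEN_ENV_VARS: [&str; 2] = ["MISE_GITHUB_TOKEN", "GITHUB_TOKEN"];

/// Resolution order as the advisory describes it: an environment variable wins;
/// only when none is set does the credential command run through `run`.
pub fn resolve_github_token(
    env: &HashMap<String, String>,
    settings: &Settings,
    run: &dyn Fn(&str) -> Option<String>,
) -> Option<String> {
    for var in TOKEN_ENV_VARS {
        if let Some(v) = env.get(var) {
            if !v.is_empty() {
                return Some(v.clone());
            }
        }
    }
    settings.github_credential_command.as_deref().and_then(run)
}

/// The dangerous sink: the setting's value is handed to `sh -c` verbatim.
pub fn run_credential_command(cmd: &str) -> Option<String> {
    let out = Command::new("sh").arg("-c").arg(cmd).output().ok()?;
    if !out.status.success() {
        return None;
    }
    Some(String::from_utf8_lossy(&out.stdout).trim().to_string())
}

fn main() {
    // Constructed repository file; a harmless echo stands in for an attacker's payload.
    let repo_file = PathBuf::from("/work/untrusted-repo/.mise.toml");
    let contents = "[settings]\ngithub.credential_command = \"echo token-from-repo-file\"\n";
    let trust = TrustStore::new(std::iter::empty()); // nothing has been trusted
    let env: HashMap<String, String> = HashMap::new(); // no token variables set

    let v = load_local_settings_vulnerable(&repo_file, contents, &trust);
    println!("vulnerable: {:?}", resolve_github_token(&env, &v, &run_credential_command));
    let h = load_local_settings_hardened(&repo_file, contents, &trust);
    println!("hardened:   {:?}", resolve_github_token(&env, &h, &run_credential_command));
}
```

With the vulnerable loader the command from the untrusted file runs and its output becomes the token; with the hardened loader the same file yields no command at all until the path is trusted. Setting either assumed environment variable short-circuits resolution before the sink is reached, which is the mechanism behind the workaround above.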

Weakness Enumeration

OS Command Injection

Related Identifiers

CVE-2026-55448
GHSA-29HF-RM4X-XXPH

Affected Products

Mise