PT-2026-57961 · Louisho5 · Picobot

Eric-H

·

Published

2026-07-14

·

Updated

2026-07-14

·

CVE-2026-15669

CVSS v2.0

4.3

Medium

VectorAV:L/AC:L/Au:S/C:P/I:P/A:P
A vulnerability was found in louisho5 picobot up to 0.2.0. This issue affects the function ExecTool.Execute of the file internal/agent/tools/exec.go of the component exec Tool. The manipulation results in os command injection. The attack requires a local approach. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.

Exploit

Fix

OS Command Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-15669

Affected Products

Picobot