CVE-2026-25046

CVE-2026-25046 is a low-severity vulnerability with a CVSS 3.x base score of 2.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-77.

Key facts

Description

Kimi Agent SDK is a set of libraries that expose the Kimi Code (Kimi CLI) agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync() as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $(cmd) could execute arbitrary commands. Note: This vulnerability exists only in the repository's development scripts. The published VSCode extension does not include these files and end users are not affected. This is fixed in version 0.1.6 by replacing execSync with execFileSync using array arguments. As a workaround, ensure .vsix files in the project directory have safe filenames before running publish scripts.

Frequently asked questions

What is CVE-2026-25046?
Kimi Agent SDK is a set of libraries that expose the Kimi Code (Kimi CLI) agent runtime in applications. The vsix-publish.js and ovsx-publish.js scripts pass filenames to execSync() as shell command strings. Prior to version 0.1.6, filenames containing shell metacharacters like $(cmd) could execute arbitrary commands. Note: This vulnerability exists only in the repository's development scripts. The published VSCode extension does not include these files and end users are not affected. This is fixed in version 0.1.6 by replacing execSync with execFileSync using array arguments. As a workaround, ensure .vsix files in the project directory have safe filenames before running publish scripts.
How severe is CVE-2026-25046?
CVE-2026-25046 has a CVSS 3.x base score of 2.9, rated low severity. It is exploitable over local access with high attack complexity, requires high privileges and user interaction. Impact on confidentiality is low, integrity low, and availability none.
Is CVE-2026-25046 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (2nd percentile), an estimate of the probability of exploitation in the next 30 days.
How do I fix CVE-2026-25046?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2026-25046 have an EU (EUVD) identifier?
Yes. CVE-2026-25046 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2026-4948.
When was CVE-2026-25046 published?
CVE-2026-25046 was published on 2026-01-29 and last updated on 2026-06-17.

References

Other CWE-77 (Command Injection) vulnerabilities

Browse all CWE-77 (Command Injection) vulnerabilities →