PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-9565 haojing8312 CVE debrief

A command injection vulnerability exists in WorkClaw, a Tauri-based application, affecting versions up to 0.6.4. The flaw is in the `is_dangerous` function in `apps/runtime/src-tauri/src/agent/tools/bash.rs`: the function is a blacklist (denylist) check on the command string, and its input validation is insufficient, so a command crafted to avoid the blacklisted patterns still reaches the shell and is executed as an OS command injection. The vulnerability is remotely exploitable and has been publicly disclosed. The project maintainer was notified via a GitHub issue before disclosure but has not responded.

Vendor: haojing8312
Product: WorkClaw
CVSS: 2.1 (LOW, CVSS 4.0)
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-26
Original CVE updated: 2026-05-26
Advisory published: 2026-05-26
Advisory updated: 2026-05-26

Who should care

Organizations using WorkClaw for automated task execution; security teams monitoring Tauri-based applications; developers building command execution features in Rust/Tauri applications

Technical summary

The vulnerability is in the `is_dangerous` function of WorkClaw's bash tool implementation, part of the agent tools in the Tauri-based runtime, written in Rust. The function is a blacklist (denylist) check: it tries to recognise dangerous commands in the command string but does not validate the string sufficiently, so a command manipulated to sidestep the blacklisted patterns is still handed to the shell and executed. The CVSS 4.0 score of 2.1 (LOW) reflects low privileges required and low impact to confidentiality, integrity and availability; the network attack vector and the public proof-of-concept exploit raise the practical risk above what the number suggests. Two caveats a practitioner should weigh: a denylist over a shell command string is a weak control in general, because shell separators, quoting, command substitution and path prefixes all let a caller invoke a denied program without matching its pattern; and the real impact depends on what the bash tool may run and with whose privileges, which this debrief does not establish. The issue was reported to the project via GitHub issue #4 and remained unaddressed as of the CVE publication date, May 26, 2026.

Defensive priority

low

Recommended defensive actions

  • Review where WorkClaw's bash tool can run and confine it to sandboxed environments (container, VM or a dedicated low-privilege account)
  • Implement application allowlisting (whitelisting) for WorkClaw processes
  • Monitor for anomalous child process spawning from the WorkClaw application, in particular shells and system utilities launched by the runtime
  • In custom Tauri command handlers, do not pass user- or model-influenced strings to `sh -c`; validate input against an allowlist of programs and spawn the program directly with an argument vector (parameterized execution) rather than filtering a shell string with a blacklist
  • Track the vendor for a WorkClaw patch and upgrade when one is available; until then treat versions up to 0.6.4 as affected
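The example below illustrates both the weakness class described in the technical summary and the "allowlist plus argument vector" recommendation above. It is an added example written for this debrief, not WorkClaw's code: `naive_is_dangerous`, the denied and allowed program lists, the `Rejection` type and the bypass strings are all hypothetical constructions. The denylist looks only at the first word of a shell string, which is enough to show why such checks fail once the string is handed to a shell; the hardened `plan_argv` refuses shell metacharacters, requires an allowlisted program, and builds a `std::process::Command` that never goes through `sh -c`.

```rust
use std::process::Command;

// Programs the hypothetical denylist refuses. Illustrative only; the real
// WorkClaw list is not reproduced here.
const DENIED_PROGRAMS: &[&str] = &["rm", "mkfs", "dd", "shutdown", "reboot"];

/// A denylist check of the kind the advisory describes: it inspects the
/// first word of a shell string and nothing else. (Hypothetical; not the
/// project's `is_dangerous`.)
pub fn naive_is_dangerous(cmd: &str) -> bool {
    match cmd.split_whitespace().next() {
        Some(first) => DENIED_PROGRAMS.contains(&first),
        None => false,
    }
}

/// Constructed inputs. Each still runs `rm` once handed to `sh -c`, yet none
/// has `rm` as its first word, so the denylist waves every one through.
pub const BYPASSES: &[&str] = &[
    "echo ok; rm -rf /",       // command separator
    "true && rm -rf /",        // list operator
    "/bin/rm -rf /",           // path instead of bare name
    "r\\m -rf /",              // backslash escape, the shell reads `rm`
    "\"rm\" -rf /",            // quoting, the shell reads `rm`
    "$(printf 'r%s' m) -rf /", // command substitution builds `rm`
];

/// How many of the bypass strings a given checker fails to flag.
pub fn count_missed(checker: fn(&str) -> bool) -> usize {
    BYPASSES.iter().filter(|c| !checker(**c)).count()
}

// ---- Hardened form: no shell, no denylist ---------------------------------

/// Characters that carry meaning for a POSIX shell. Any occurrence is
/// rejected outright rather than "sanitized".
const SHELL_META: &[char] = &[
    ';', '&', '|', '$', '`', '(', ')', '<', '>', '\\', '"', '\'', '\n',
    '*', '?', '[', ']', '{', '}', '~', '#', '!',
];

/// Programs the tool may run: an allowlist, not a denylist (hypothetical).
const ALLOWED_PROGRAMS: &[&str] = &["ls", "cat", "grep", "echo", "git"];

#[derive(Debug, PartialEq)]
pub enum Rejection {
    Empty,
    ShellMetachar(char),
    NotAllowlisted(String),
}

/// Turn a user-supplied command line into an argument vector whose first
/// element is an allowlisted program. Shell metacharacters are refused, so
/// there is nothing left for a shell to reinterpret.
pub fn plan_argv(cmd: &str) -> Result<Vec<String>, Rejection> {
    if let Some(c) = cmd.chars().find(|c| SHELL_META.contains(c)) {
        return Err(Rejection::ShellMetachar(c));
    }
    let argv: Vec<String> = cmd.split_whitespace().map(str::to_string).collect();
    let program = argv.first().ok_or(Rejection::Empty)?;
    if !ALLOWED_PROGRAMS.contains(&program.as_str()) {
        return Err(Rejection::NotAllowlisted(program.clone()));
    }
    Ok(argv)
}

/// Build the process without `sh -c`: argv[0] is executed directly and the
/// remaining words are passed as literal arguments, never re-parsed.
pub fn build_command(cmd: &str) -> Result<Command, Rejection> {
    let argv = plan_argv(cmd)?;
    let mut command = Command::new(&argv[0]);
    command.args(&argv[1..]);
    Ok(command)
}

fn main() {
    println!(
        "denylist misses {} of {} bypasses",
        count_missed(naive_is_dangerous),
        BYPASSES.len()
    );
    for cmd in BYPASSES {
        println!("{cmd:?} -> {:?}", plan_argv(cmd));
    }
    match build_command("echo allowlisted argv") {
        Ok(mut c) => match c.output() {
            Ok(out) => print!("{}", String::from_utf8_lossy(&out.stdout)),
            Err(e) => println!("spawn failed: {e}"),
        },
        Err(r) => println!("rejected: {r:?}"),
    }
}
```

The point of the contrast is that the hardened version never tries to enumerate what is bad. Rejecting metacharacters and spawning from an argument vector removes the shell from the path entirely, so the remaining question is only which programs the allowlist admits and what they can do with the arguments they receive.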

Evidence notes

The vulnerability was identified in the Tauri Rust backend code that handles bash tool execution. The CVSS 4.0 vector indicates a network attack vector, low privileges required, and low impact to confidentiality, integrity and availability. CWE-77 (command injection) and CWE-78 (OS command injection) are assigned. Exploit maturity is marked 'proof of concept' in the CVSS vector.
