PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-44444 prolix-oc CVE debrief

A critical vulnerability in Lumiverse's Spindle extension build pipeline allows a malicious extension to execute arbitrary host-level code during installation. The issue stems from `bun install` being invoked without the `--ignore-scripts` flag before the `assertSafeBackendBundle` static safety scan runs. A malicious extension that declares lifecycle scripts (`preinstall`, `postinstall`, or `prepare`) in its package.json therefore achieves code execution as soon as an administrator initiates installation, before any distribution files are inspected. Although triggering the issue requires high privileges (an administrator account), the vulnerability is rated critical because of its network attack vector, low attack complexity, and changed scope: the impact reaches resources beyond the vulnerable component. The CVSS 3.1 score of 9.1 reflects critical impacts to confidentiality, integrity, and availability. The weakness is categorized as CWE-78 (OS Command Injection) via npm/bun lifecycle script execution.

Vendor: prolix-oc
Product: Lumiverse
CVSS: CRITICAL 9.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-26
Original CVE updated: 2026-05-27
Advisory published: 2026-05-26
Advisory updated: 2026-05-27

Who should care

Lumiverse administrators and operators of AI chat platforms using the Spindle extension ecosystem; security teams monitoring supply chain risks in AI/ML application extensions; developers maintaining bun/npm-based extension pipelines requiring pre-installation safety validation

Technical summary

The Spindle extension system in Lumiverse versions prior to 0.9.7 contains a time-of-check to time-of-use (TOCTOU) vulnerability in its build pipeline. When an administrator initiates extension installation, the pipeline executes `bun install` to fetch dependencies before running the `assertSafeBackendBundle` static analysis routine. Because `bun install` processes lifecycle scripts (preinstall, postinstall, prepare) by default, a malicious extension can embed arbitrary commands in its package.json that execute on the host system immediately upon installation initiation. This occurs before any safety validation examines the extension's distribution files. The vulnerability requires administrator privileges to trigger installation but yields complete host compromise with changed scope, as the execution context extends beyond the Lumiverse application boundary. The fix in version 0.9.7 reorders operations to ensure static safety validation completes before any package installation with potential script execution.

Defensive priority

critical

Recommended defensive actions

  • Upgrade Lumiverse to version 0.9.7 or later immediately
  • Audit all installed Spindle extensions for unauthorized lifecycle scripts in package.json files
  • Review extension installation logs for suspicious preinstall/postinstall/prepare script execution prior to 2026-05-26
  • Implement network segmentation to limit Lumiverse admin interface access to trusted administrative hosts
  • Enable comprehensive logging for all bun/npm install operations within the Spindle pipeline
  • Establish extension vetting procedures requiring manual package.json inspection before installation from untrusted sources
  • Monitor for anomalous host-level process execution immediately following extension installation attempts
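The audit step above (inspecting package.json for lifecycle scripts before installation) and the corrected ordering described in the technical summary (scan first, then install with scripts disabled), as an added JavaScript example that is not Lumiverse or Spindle code. The `planInstall` function name, the sample package.json contents, and the inclusion of `install` alongside the three script names the advisory lists are assumptions of this example.

```javascript
// Added example (not Lumiverse/Spindle code): audit an extension's package.json
// for lifecycle scripts that bun/npm run during `bun install`, and gate the
// install on the result. The advisory names preinstall, postinstall and prepare;
// `install` is added here because npm/bun run it in the same phase (assumption).
const INSTALL_LIFECYCLE = ['preinstall', 'install', 'postinstall', 'prepare'];

// Return every install-time lifecycle script declared in a package.json string.
function findLifecycleScripts(packageJsonText) {
  const pkg = JSON.parse(packageJsonText);
  const scripts = pkg.scripts && typeof pkg.scripts === 'object' ? pkg.scripts : {};
  return INSTALL_LIFECYCLE
    .filter((name) => typeof scripts[name] === 'string' && scripts[name].trim() !== '')
    .map((name) => ({ name, command: scripts[name] }));
}

// Corrected ordering: the static check runs first, and only a clean manifest
// yields an install command. That command always carries --ignore-scripts so a
// hook the audit did not see (e.g. in a transitive dependency) still cannot run.
// The returned object is shaped for child_process.spawn(argv[0], argv.slice(1), {cwd}).
function planInstall(packageJsonText, extensionDir) {
  const findings = findLifecycleScripts(packageJsonText);
  if (findings.length > 0) {
    return { allowed: false, findings, argv: null, cwd: extensionDir };
  }
  return {
    allowed: true,
    findings: [],
    argv: ['bun', 'install', '--ignore-scripts'],
    cwd: extensionDir,
  };
}

// Constructed samples (not taken from any real extension).
const FLAGGED_PACKAGE_JSON = JSON.stringify({
  name: 'example-spindle-extension',
  version: '1.0.0',
  scripts: { build: 'bun run build.ts', postinstall: 'node ./setup.js' },
});
const CLEAN_PACKAGE_JSON = JSON.stringify({
  name: 'example-spindle-extension',
  version: '1.0.0',
  scripts: { build: 'bun run build.ts', test: 'bun test' },
});

console.log(planInstall(FLAGGED_PACKAGE_JSON, '/opt/spindle/ext'));
console.log(planInstall(CLEAN_PACKAGE_JSON, '/opt/spindle/ext'));
```

Running the audit over every package.json under an extension's directory (not only the root manifest) extends the same check to vendored dependencies.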

Evidence notes

Official CVE record published 2026-05-26. GitHub Security Advisory GHSA-8x98-3wjp-pmj9 confirms the vulnerability exists in versions prior to 0.9.7 and identifies the root cause as the missing `--ignore-scripts` flag in the Spindle extension build pipeline. NVD entry reflects CVSS 3.1 vector AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H. Fix version 0.9.7 explicitly addresses the lifecycle script execution window by ensuring safety scans precede any script execution.
