CRITICAL
jdx
CVE published 2026-06-26
CVE-2026-33646
CVE-2026-33646 is a critical vulnerability in mise, a development tool manager that handles various dev tools like node, python, cmake, and terraform. Prior to version 2026.3.10, mise is susceptible to arbitrary command execution due to its processing of .tool-versions files through the Tera template engine. The exec() function is registered during parsing, which enables an attacker to execute arbitrary c [truncated]