CVE-2026-15669 | louisho5 picobot up to 0.2.0 exec Tool exec.go ExecTool.Execute os command injection (42/43)

SecurityVulns

A vulnerability categorized as critical has been discovered in louisho5 picobot up to 0.2.0. This issue affects the function ExecTool.Execute of the file internal/agent/tools/exec.go of the component exec Tool. The manipulation results in os command injection.

This vulnerability is reported as CVE-2026-15669. The attack requires a local approach. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More