CVE-2026-45369 | universal-tool-calling-protocol python-utcp up to 1.1.1 cli_communication_protocol.py _substitute_utcp_args os command injection (GHSA-33p6-5jxp-p3x4)

A vulnerability, which was classified as critical, was found in universal-tool-calling-protocol python-utcp up to 1.1.1. Affected by this issue is the function _substitute_utcp_args of the file cli_communication_protocol.py. The manipulation results in os command injection.

This vulnerability is reported as CVE-2026-45369. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.VulDB Recent EntriesRead More