CVE-2026-47092 | jarrodwatts claude-hud up to 0.0.12 on Windows Environment Variable execFile uncontrolled search path (Issue 485)

A vulnerability categorized as problematic has been discovered in jarrodwatts claude-hud up to 0.0.12 on Windows. Impacted is the function execFile of the component Environment Variable Handler. The manipulation results in uncontrolled search path.

This vulnerability is reported as CVE-2026-47092. The attack requires a local approach. No exploit exists.

Applying a patch is advised to resolve this issue.VulDB Recent EntriesRead More