CVE-2026-44590 | sherlock-project sherlock up to 0.16.0 Pull Request os command injection (GHSA-v6wr-ccr4-x8g9)

A vulnerability has been found in sherlock-project sherlock up to 0.16.0 and classified as critical. This vulnerability affects unknown code of the component Pull Request Handler. This manipulation causes os command injection.

This vulnerability appears as CVE-2026-44590. The attack may be initiated remotely. There is no available exploit.

The affected component should be upgraded.VulDB Recent EntriesRead More