{"data":{"id":"0b10fbd9-7250-4815-91c6-6817481b5c02","title":"CVE-2026-48719: Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp c","summary":"Warp is an agentic development environment (a tool that helps developers write code with AI assistance) that contained a command injection vulnerability (a flaw where specially crafted input can trick a system into running unintended commands) in its branch selector feature. An attacker who could publish a malicious Git branch name to a repository could cause that branch name to be executed as a shell command (instructions sent directly to the operating system) when a victim selected it from Warp's user interface.","solution":"This vulnerability is fixed in version 0.2026.05.06.15.42.stable_01. Users should update Warp to this version or later.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-48719","publishedAt":"2026-06-24T18:17:17.983Z","cveId":"CVE-2026-48719","cweIds":["CWE-78"],"cvssScore":"8","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Warp"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"network","attackComplexity":"low","privilegesRequired":"low","userInteraction":"required","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-06-24T18:17:17.983Z","capecIds":["CAPEC-88"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}