{"data":{"id":"e8f8bedc-a0bd-4db0-87e1-a418d0e3a23f","title":"GHSA-wg5p-8h9p-3mr7: agent-coderag: Gradle Wrapper Execution During Dependency Discovery Enables Arbitrary Code Execution","summary":"agent-coderag has a critical vulnerability where it automatically executes a `gradlew` script (a build automation file) from any repository during its default dependency-discovery process, without checking if the script is legitimate. An attacker can place a malicious `gradlew` script in a fake repository to run arbitrary code (unrestricted commands) on a victim's computer whenever the victim runs the standard `agent-coderag sync` command on that repository, requiring no special permissions or authentication.","solution":"N/A -- no mitigation discussed in source (affectedPackages lists 1.3.1 as the fixed version).","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-wg5p-8h9p-3mr7","publishedAt":"2026-06-19T15:01:06.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":"high","severity":"high","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":["agent-coderag@<= 1.3.0 (fixed: 1.3.1)"],"affectedVendors":["LangChain"],"affectedVendorsRaw":["agent-coderag"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":true,"disclosureDate":"2026-06-19T15:01:06.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}