GHSA-9wxg-vf3r-56hc: OpenZeppelin Contracts Wizard: Line terminators in info.securityContact / info.license can inject lines into generated source
Summary
The OpenZeppelin Contracts Wizard had a vulnerability where line breaks in the securityContact and license fields could escape from comments and inject arbitrary code into generated smart contracts (code written in Solidity, Cairo, and other blockchain languages). This only affects cases where untrusted input fills these fields, such as when an AI agent processes external content and passes it to the Wizard.
Solution / Mitigation
Fixed by rejecting line terminators in `setInfo`, the function all Wizard surfaces use to set these fields. Upgrade to the patched versions of @openzeppelin/wizard and related packages (@openzeppelin/wizard-confidential and @openzeppelin/wizard-uniswap-hooks will receive the fix through their dependency on the patched @openzeppelin/wizard).
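To make the summary and the fix concrete, the following is an added example that is not the Wizard's own code: a minimal header renderer that writes `license` and `securityContact` into Solidity comment lines the way a generator would, a `setInfo`-style setter that rejects line terminators before a value is stored, and a small defender-side check that counts output lines falling outside the comment/template. The field names `securityContact` and `license` come from the advisory; the `renderHeaderUnchecked`, `setInfo`, `hasLineTerminator` and `countEscapedLines` functions, the `Info` type and the sample values are constructed here. Treating CR, LF, U+2028 and U+2029 as line terminators is an assumption; the advisory says only "line terminators".

```typescript
// Added example (not from the advisory or the OpenZeppelin Contracts Wizard).
// Shows how a line terminator in an info field escapes a comment, and the
// setInfo-style validation that closes the hole.

interface Info {
  securityContact?: string;
  license?: string;
}

// Assumption: CR, LF and the Unicode LS/PS separators are all rejected.
// The advisory names "line terminators" without enumerating them, so this
// takes the conservative set.
const LINE_TERMINATOR = /[\r\n\u2028\u2029]/;

function hasLineTerminator(value: string): boolean {
  return LINE_TERMINATOR.test(value);
}

// The unsafe pattern: field values are interpolated straight into comment
// lines of the generated source. A value containing a newline ends the
// comment and whatever follows becomes its own source line.
function renderHeaderUnchecked(info: Info): string {
  const lines: string[] = [];
  lines.push(`// SPDX-License-Identifier: ${info.license || 'MIT'}`);
  lines.push('pragma solidity ^0.8.20;');
  if (info.securityContact) {
    lines.push(`/// @custom:security-contact ${info.securityContact}`);
  }
  return lines.join('\n');
}

// Hardened setter: the value is validated once, at the single point where
// every surface writes these fields, so renderers never see a multi-line value.
function setInfo(info: Info, field: keyof Info, value: string): Info {
  if (hasLineTerminator(value)) {
    throw new Error(`${field} must not contain line terminators`);
  }
  const next: Info = { ...info };
  next[field] = value;
  return next;
}

// Defender-side check over generated output: any non-empty line that is not a
// comment and not the pragma the template emitted did not come from the
// template, i.e. it escaped from a field.
function countEscapedLines(source: string): number {
  return source
    .split(/\r\n|[\r\n\u2028\u2029]/)
    .filter((l) => l.length > 0 && !l.startsWith('//') && !l.startsWith('pragma '))
    .length;
}

// Constructed sample values.
const SAFE_CONTACT = 'security@example.com';
const UNSAFE_CONTACT = 'security@example.com\nINJECTED_LINE'; // constructed marker line

// Stand-alone demonstration.
const unchecked = renderHeaderUnchecked({ securityContact: UNSAFE_CONTACT });
console.log(`escaped lines without validation: ${countEscapedLines(unchecked)}`);
try {
  setInfo({}, 'securityContact', UNSAFE_CONTACT);
} catch (e) {
  console.log(`setInfo rejected the value: ${(e as Error).message}`);
}
const safe = setInfo({}, 'securityContact', SAFE_CONTACT);
console.log(`escaped lines after validation: ${countEscapedLines(renderHeaderUnchecked(safe))}`);
```

The reason the fix sits in `setInfo` rather than in each renderer is visible in the shape of the code: there is one write path and many output languages (Solidity, Cairo and others), so validating the value at the setter is both simpler and harder to bypass than escaping it per comment syntax. The `countEscapedLines` check is useful as a regression test on generated output, not as a substitute for rejecting the input.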
Classification
Affected Packages
Original source: https://github.com/advisories/GHSA-9wxg-vf3r-56hc
First tracked: June 19, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 95%