CyberRota
← Ana sayfaya dön

CVE-2026-48703

HIGH · CVSS 7.8 EPSS %0.18 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-24T18:17:17.723 · Çekilme zamanı: 2026-06-30T18:32:30.892605+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

GitHub PoC Linkleri
github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-48703
Severity
HIGH
CVSS
7.8
EPSS
%0.18

Orijinal NVD Açıklaması

Warp is an agentic development environment. From 0.2025.04.09.08.11.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command execution policy bypass in Agent code search tools. The affected Grep and FileGlob actions are authorized as read/search operations, but their implementations build shell command strings from Agent-controlled inputs (search text, paths, glob patterns) and execute them in the active terminal session. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.