Agents
CVE-2026-2256: MS-Agent Framework Shell Tool Enables Full System Compromise via Blacklist Bypass
A critical vulnerability in ModelScope's MS-Agent framework v1.5.2 allows attackers to bypass all six regex-based blacklist validation layers in the Shell tool through shell parsing semantics. Exploiting agent-consumed data (prompts, documents, logs), attackers can execute arbitrary commands to steal API keys, deploy payloads, and pivot to internal systems. CERT/CC reports the vendor has not responded during coordination — no patch available.
Source
↳ Follow the thread