CVE 8.8 HIGH

CVE-2026-36044_CVE-2026-36044

May 27, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R

Description

@pensar/apex <= 0.0.58 is vulnerable to OS command injection via the smart_enumerate tool. The createSmartEnumerateTool() function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js child_process.exec(). Because exec() spawns a shell, shell metacharacters in those values are interpreted by the host shell, resulting in arbitrary OS command execution with the privileges of the running process.

AI Analysis

OS command injection vulnerability via the smart_enumerate tool

Basic Information

ID CVE-2026-36044

Source mitre

Published May 27, 2026 at 00:00

Modified May 27, 2026 at 13:44

Affected Product

Vendor @pensar

Product @pensar/apex

Version 0.0.58

Affected Versions n/a n/a n/a

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor @pensar

Product apex

Version 0.0.58

References

{
    "lastseen": "",
    "description": "@pensar/apex <= 0.0.58 is vulnerable to OS command injection via the smart_enumerate tool. The createSmartEnumerateTool() function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js child_process.exec(). Because exec() spawns a shell, shell metacharacters in those values are interpreted by the host shell, resulting in arbitrary OS command execution with the privileges of the running process.",
    "published": "2026-05-27T00:00:00.000Z",
    "modified": "2026-05-27T13:44:03.112Z",
    "type": "cve",
    "title": "CVE-2026-36044",
    "source": "mitre",
    "references": "https://www.npmjs.com/package/@pensar/apex\nhttps://gist.github.com/NucleiAv/47e87da08b90ef464fd9b35affe578fb",
    "id": "CVE-2026-36044",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:R",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "@pensar/apex",
    "version": "0.0.58",
    "vendor": "@pensar",
    "ai_description": "OS command injection vulnerability via the smart_enumerate tool",
    "ai_severity": "High",
    "ai_vendor": "@pensar",
    "ai_product": "apex",
    "ai_version": "0.0.58",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply