Aider-AI Aider Pre-commit Hook args.py protection mechanism_CVE-2026-10174

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-commit-verify leads to protection mechanism failure. The attack may be launched remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2026-10174

Source VulDB

Published May 31, 2026 at 08:00

Affected Product

Vendor Aider-AI

Product Aider

Version 0.86.3

Affected Versions Aider-AI Aider 0.86.3

CWE Classification

CWE-693

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-commit-verify leads to protection mechanism failure. The attack may be launched remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-05-31T08:00:11.079Z",
    "modified": "2026-05-31T08:00:11.079Z",
    "type": "cve",
    "title": "Aider-AI Aider Pre-commit Hook args.py protection mechanism",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/367455\nhttps://vuldb.com/vuln/367455/cti\nhttps://vuldb.com/cve/CVE-2026-10174\nhttps://vuldb.com/submit/819901\nhttps://github.com/Aider-AI/aider/issues/5057\nhttps://github.com/Aider-AI/aider/",
    "id": "CVE-2026-10174",
    "bulletinFamily": "",
    "cwe": [
        "CWE-693"
    ],
    "cvelist": null,
    "sourceData": "Aider-AI Aider 0.86.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Aider",
    "version": "0.86.3",
    "vendor": "Aider-AI",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}