{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-5264", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "state": "PUBLISHED", "assignerShortName": "mozilla", "dateReserved": "2025-05-27T12:29:23.106Z", "datePublished": "2025-05-27T12:29:23.513Z", "dateUpdated": "2026-04-13T14:27:58.589Z"}, "containers": {"cna": {"affected": [{"product": "Firefox", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "115.24", "lessThanOrEqual": "115.*", "versionType": "rpm"}, {"status": "unaffected", "version": "128.11", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "139", "lessThanOrEqual": "*", "versionType": "rpm"}]}, {"product": "Thunderbird", "vendor": "Mozilla", "versions": [{"status": "unaffected", "version": "128.11", "lessThanOrEqual": "128.*", "versionType": "rpm"}, {"status": "unaffected", "version": "139", "lessThanOrEqual": "*", "versionType": "rpm"}]}], "descriptions": [{"lang": "en", "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11."}]}], "title": "Potential local code execution in \u201cCopy as cURL\u201d command", "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-42/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-43/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-44/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-45/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-46/"}], "credits": [{"lang": "en", "value": "Ameen Basha M K"}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:27:58.589Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-5264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-28T03:55:59.370030Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T18:27:56.150Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:05:59.028Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T20:05:59.028Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.8, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-5264", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-28T03:55:59.370030Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-27T15:12:55.782Z"}}], "cna": {"title": "Potential local code execution in \u201cCopy as cURL\u201d command", "credits": [{"lang": "en", "value": "Ameen Basha M K"}], "affected": [{"vendor": "Mozilla", "product": "Firefox", "versions": [{"status": "unaffected", "version": "115.24", "versionType": "rpm", "lessThanOrEqual": "115.*"}, {"status": "unaffected", "version": "128.11", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "139", "versionType": "rpm", "lessThanOrEqual": "*"}]}, {"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"status": "unaffected", "version": "128.11", "versionType": "rpm", "lessThanOrEqual": "128.*"}, {"status": "unaffected", "version": "139", "versionType": "rpm", "lessThanOrEqual": "*"}]}], "references": [{"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-42/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-43/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-44/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-45/"}, {"url": "https://www.mozilla.org/security/advisories/mfsa2025-46/"}], "descriptions": [{"lang": "en", "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.", "supportingMedia": [{"type": "text/html", "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11.", "base64": false}]}], "providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2026-04-13T14:27:58.589Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5264", "state": "PUBLISHED", "dateUpdated": "2026-04-13T14:27:58.589Z", "dateReserved": "2025-05-27T12:29:23.106Z", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "datePublished": "2025-05-27T12:29:23.513Z", "assignerShortName": "mozilla"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "062A22E3-C6FE-4948-98F5-217EFE0638FC", "versionEndExcluding": "115.24.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*", "matchCriteriaId": "E2C0FE7C-6F8E-4F1D-A768-914194586E0C", "versionEndExcluding": "139.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*", "matchCriteriaId": "DA9173F0-1559-4152-9B7F-30ABCF70BE80", "versionEndExcluding": "128.11.0", "versionStartIncluding": "116.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability was fixed in Firefox 139, Firefox ESR 115.24, Firefox ESR 128.11, Thunderbird 139, and Thunderbird 128.11."}, {"lang": "es", "value": "Debido a la insuficiente capacidad de escape del car\u00e1cter de nueva l\u00ednea en la funci\u00f3n \"Copiar como cURL\", un atacante podr\u00eda enga\u00f1ar a un usuario para que use este comando, lo que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo local en su sistema. Esta vulnerabilidad afecta a Firefox < 139, Firefox ESR < 115.24 y Firefox ESR < 128.11."}], "id": "CVE-2025-5264", "lastModified": "2026-04-13T15:17:03.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 3.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-05-27T13:15:22.200", "references": [{"source": "security@mozilla.org", "tags": ["Permissions Required"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1950001"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-42/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-43/"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2025-44/"}, {"source": "security@mozilla.org", "url": "https://www.mozilla.org/security/advisories/mfsa2025-45/"}, {"source": "security@mozilla.org", "url": "https://www.mozilla.org/security/advisories/mfsa2025-46/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00043.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00046.html"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:8341", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "firefox-0:128.11.0-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-06-02T00:00:00Z"}, {"advisory": "RHSA-2025:8608", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "thunderbird-0:128.11.0-1.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-06-05T00:00:00Z"}, {"advisory": "RHSA-2025:9074", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "firefox-0:128.11.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8308", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:128.11.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-05-29T00:00:00Z"}, {"advisory": "RHSA-2025:8756", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:128.11.0-1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-10T00:00:00Z"}, {"advisory": "RHSA-2025:8631", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "thunderbird-0:128.11.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9075", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "firefox-0:128.11.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8630", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "thunderbird-0:128.11.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9076", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "firefox-0:128.11.0-1.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8629", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "thunderbird-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9155", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "firefox-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-06-17T00:00:00Z"}, {"advisory": "RHSA-2025:8629", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "thunderbird-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9155", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "firefox-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-06-17T00:00:00Z"}, {"advisory": "RHSA-2025:8629", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "thunderbird-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9155", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "firefox-0:128.11.0-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-06-17T00:00:00Z"}, {"advisory": "RHSA-2025:8628", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "thunderbird-0:128.11.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:8628", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "thunderbird-0:128.11.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9077", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "firefox-0:128.11.0-1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8293", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "firefox-0:128.11.0-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-29T00:00:00Z"}, {"advisory": "RHSA-2025:8607", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "thunderbird-0:128.11.0-1.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-05T00:00:00Z"}, {"advisory": "RHSA-2025:8598", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "thunderbird-0:128.11.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-06-05T00:00:00Z"}, {"advisory": "RHSA-2025:9073", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "firefox-0:128.11.0-1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8642", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "thunderbird-0:128.11.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-06-09T00:00:00Z"}, {"advisory": "RHSA-2025:9071", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "firefox-0:128.11.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-06-16T00:00:00Z"}, {"advisory": "RHSA-2025:8599", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "thunderbird-0:128.11.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-06-05T00:00:00Z"}, {"advisory": "RHSA-2025:9072", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "firefox-0:128.11.0-1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-06-16T00:00:00Z"}], "bugzilla": {"description": "firefox: thunderbird: Potential local code execution in \u201cCopy as cURL\u201d command", "id": "2368751", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368751"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-116", "details": ["Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This vulnerability affects Firefox < 139, Firefox ESR < 115.24, Firefox ESR < 128.11, Thunderbird < 139, and Thunderbird < 128.11.", "A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Due to insufficient escaping of the newline character in the \u201cCopy as cURL\u201d feature, an attacker could trick a user into using this command, leading to local code execution on the user's system."], "name": "CVE-2025-5264", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/firefox-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "rhel10/thunderbird-flatpak", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2025-05-27T12:29:23Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-5264\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-5264\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2025-44/#CVE-2025-5264\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2025-46/#CVE-2025-5264"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate"}

{"analysis": {"en": {"generated_at": "2026-04-20T20:30:28.881192+00:00", "value": {"mitigation_remediation": ["Upgrade Firefox to version\u00a0139 or later, or to Firefox ESR\u00a0115.24/128.11, and upgrade Thunderbird to version\u00a0139 or later or to Thunderbird ESR\u00a0128.11; this applies the official patch that removes the newline escape flaw.", "If an upgrade cannot be performed immediately, disable or avoid using the \"Copy as cURL\" command until the patch is installed; this eliminates the vulnerable entry point.", "Monitor for phishing or malicious sites that offer automated cURL commands and implement user training and web\u2011filtering controls to reduce the chance that a user will execute a malicious copy."], "summary": {"action": "Patch", "impact": "Local Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects Mozilla Firefox versions prior to 139, including Firefox ESR 115.24 and ESR 128.11, as well as Thunderbird versions prior to 139 and Thunderbird ESR 128.11.", "description_and_impact": "The flaw in the \u201cCopy as cURL\u201d feature arises from inadequate handling of newline characters, allowing an attacker to embed malicious command fragments into the generated cURL string. When a user mistakenly executes the copied command, the embedded code can run with the user\u2019s privileges, resulting in local code execution. This vulnerability combines unescaped input and command\u2011injection issues, classified under CWE\u2011116 and CWE\u201177.", "risk_and_exploitability": "The CVSS score of 4.8 indicates medium impact when the flaw is used. The EPSS score of less than 1% shows a low probability of exploitation in the wild, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires user interaction, typically through a social engineering scenario where a malicious site or email tempts the victim to run the copied command. The attack vector is local, leveraging the user\u2019s own system. Consequently, while the impact can be severe, the likelihood of real\u2011world attacks is currently low."}}}}, "created": "2026-04-20T20:45:16.928525+00:00", "updated": "2026-04-20T20:45:16.928535+00:00", "vendors": []}