CVE-2026-44449— Lumiverse: SMB `exists()` basename injection via smbclient `!cmd` escape
Possible ATT&CK Techniques 2AI
T1190 · Exploit Public-Facing Application T1059 · Command and Scripting InterpreterGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44449
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Lumiverse: SMB `exists()` basename injection via smbclient `!cmd` escape
Source: NVD (National Vulnerability Database)
Vulnerability Description
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation. smbclient interprets ; as a subcommand separator and !cmd as a local-shell escape that runs cmd on the host. A path whose directory component is clean but whose basename contains "; !<cmd>; echo " achieves arbitrary command execution on the Lumiverse server. This vulnerability is fixed in 0.9.7.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
参数注入或修改
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-44449
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44449
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-44449 (1)
Same Patch Batch · prolix-oc · 2026-05-26 · 5 CVEs total
| CVE-2026-44450 | 9.9 CRITICAL | Lumiverse: RCE via MCP stdio argument injection |
| CVE-2026-44451 | 9.3 CRITICAL | Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass |
| CVE-2026-44444 | 9.1 CRITICAL | Lumiverse: Spindle extension install runs untrusted lifecycle scripts before security scan |
| CVE-2026-44443 | 4.8 MEDIUM | Lumiverse: Sign-up nonce race condition allows unauthorized account registration |
IV. Related Vulnerabilities
Same product: Lumiverse
Same vendor: prolix-oc
Same weakness: CWE-88
- CVE-2026-44450
Lumiverse: RCE via MCP stdio argument injection - CVE-2026-3515
Argument Injection in prefecthq/prefect - CVE-2026-47114
IINA < 1.4.3 Command Execution via iina://open URL Scheme - CVE-2026-8773
linlinjava litemall Database Setting DbUtil.java load argume - CVE-2026-45158
OPNsense: Command Injection via Attacker-Controlled DHCP Con
V. Comments for CVE-2026-44449
No comments yet