CVE-2026-56696— OpenHarness - Prompt Injection via /issue and /pr_comments Slash Commands
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-56696
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenHarness - Prompt Injection via /issue and /pr_comments Slash Commands
Source: NVD (National Vulnerability Database)
Vulnerability Description
OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/pr_comments.md files, which are subsequently injected into runtime system prompts, persistently influencing local agent behavior.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
授权机制缺失
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| HKUDS | OpenHarness | 0 ~ 0.1.9 | - |
II. Public POCs for CVE-2026-56696
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-56696
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-56696 (1)
Other References for CVE-2026-56696 (1)
IV. Related Vulnerabilities
Same product: OpenHarness
- CVE-2026-56695
OpenHarness - Cross-Session Disclosure via /resume and /summ - CVE-2026-7551
HKUDS OpenHarness Remote Command Execution via /bridge Slash - CVE-2026-6823
HKUDS OpenHarness Insecure Default Remote Channel Allowlist - CVE-2026-6819
HKUDS OpenHarness Plugin Management Command Exposure - CVE-2026-6729
HKUDS OpenHarness Session Key Collision Privilege Escalation
Same vendor: HKUDS
- CVE-2026-56695
OpenHarness - Cross-Session Disclosure via /resume and /summ - CVE-2026-48716
nanobot: Path traversal via unsanitized WhatsApp document fi - CVE-2026-12203
HKUDS AI-Trader Research Export agents.csv information discl - CVE-2026-49140
Nanobot < 0.2.1 Denial of Service via Matrix Media Download - CVE-2026-49139
Nanobot < 0.2.1 SSRF via Microsoft Teams Channel serviceUrl
Same weakness: CWE-862
- CVE-2026-57518
Pagekit CMS 1.0.18 Privilege Escalation via UserApiControlle - CVE-2026-57661
WordPress WPComplete plugin <= 2.9.5.5 - Broken Access Contr - CVE-2026-57660
WordPress Booking and Rental Manager plugin <= 2.7.1 - Broke - CVE-2026-57654
WordPress Affiliates Manager plugin <= 2.9.49 - Broken Acces - CVE-2026-57649
WordPress Shoppable Images Lite plugin <= 1.3 - Broken Acces
V. Comments for CVE-2026-56696
No comments yet