Description
Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it fails to account for standard shell command substitution (specifically $(...) and backticks `...`). An attacker can construct a command such as git log --grep="$(malicious_command)", forcing Syntx to misidentify it as a safe git operation and automatically approve it. The underlying shell expands the substitution before the approved git command runs, so the code injected into the argument executes first, resulting in Remote Code Execution without any user interaction.
Published: 2026-03-31
Score: n/a
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Ridvay Code’s command auto‑approval module uses fragile regular expressions to validate command syntax, but it does not protect against shell command substitution such as $(...) and backticks. Both forms are expanded by the shell even inside double quotes, so an attacker can craft a benign‑looking command, for example git log --grep="$(malicious_command)", which the module classifies as a safe git operation and approves automatically. The shell evaluates the substitution before git ever runs, giving the attacker remote code execution with the privileges of the process that launched the command, without any user interaction.

Affected Systems

The vulnerability affects any installation of Ridvay Code that includes the auto‑approval module. No specific vendor or product versions were disclosed, so all versions of this module should be considered potentially vulnerable.

Risk and Exploitability

The risk is high because successful exploitation yields code execution on the target system with no user interaction. No EPSS score or KEV listing is available, so neither can be used to gauge exploitation likelihood; the nature of the flaw, shell substitution syntax passed unvalidated to a shell, nevertheless indicates a readily exploitable attack path, particularly where the auto‑approval feature is enabled by default.

Generated by OpenCVE AI on March 31, 2026 at 16:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor‑provided patch for the command auto‑approval module as soon as it becomes available.
  • If no patch is available, immediately disable or remove the auto‑approval feature so that every command is shown to the user before it runs.
  • Update the command validation logic so that it fails closed: tokenize the command with a shell‑aware parser rather than ad hoc regular expressions, reject any command containing expansion or substitution syntax ($(...), backticks, ${...}) as well as command separators, pipes and redirection, and only then enforce a strict whitelist of allowed commands and subcommands. Where possible, execute approved commands as an argument vector without invoking a shell, so that substitution cannot occur at all.
  • Conduct a security audit of all command‑processing code to ensure only permitted commands are executed.
  • Review the assistant’s command history and host process‑creation telemetry for approved commands whose arguments contain $( or backticks, and investigate any anomalous child processes spawned from git or other whitelisted tools.

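To make the flaw and the fix concrete, the following is an added example and not code from Ridvay Code, from the CVE record, or from OpenCVE. It places a regex‑based auto‑approval check of the kind the description criticises beside a fail‑closed replacement that scans for shell expansion and control syntax before applying an argv‑level allowlist. Function names, the allowlist contents and the sample commands are assumptions made for this illustration.

```python
"""Added example, not code from Ridvay Code or from the CVE record.

It contrasts a regex-based auto-approval check of the kind the description
criticises with a fail-closed replacement.  Function names, the allowlist
contents and the sample commands are assumptions made for this illustration.
"""
import re
import shlex

# --- Fragile approach: pattern-match the command text ---------------------
SAFE_GIT_RE = re.compile(r"^\s*git\s+(log|status|diff|show)\b")
DANGEROUS_RE = re.compile(r"\b(rm|sudo|curl|wget)\b")


def fragile_auto_approve(cmd: str) -> bool:
    """Approve if the text starts like a read-only git call and no blocklisted
    word appears.  Nothing here knows about $(...) or backticks, so substitution
    hidden inside an argument rides along with the approved git command."""
    return bool(SAFE_GIT_RE.match(cmd)) and not DANGEROUS_RE.search(cmd)


# --- Hardened approach: reject shell syntax, then allowlist argv -----------
ALLOWED_ARGV0 = {"git", "ls", "cat"}
ALLOWED_GIT_SUBCOMMANDS = {"log", "status", "diff", "show"}


def has_shell_syntax(cmd: str) -> bool:
    """True if a POSIX shell would expand or interpret anything in cmd.

    Only single-quoted text is literal in sh.  Everywhere else, '$' and '`'
    are rejected (they expand even inside double quotes), and outside quotes
    the separators, redirections, subshell parens and newlines are rejected
    too.  Escaped '$'/'`' and unbalanced quotes are rejected conservatively.
    """
    in_single = in_double = False
    i = 0
    while i < len(cmd):
        ch = cmd[i]
        if in_single:
            if ch == "'":
                in_single = False
        elif ch == "\\":
            i += 1  # skip the escaped character (so \" does not toggle quoting) ...
            if i < len(cmd) and cmd[i] in "$`":
                return True  # ... unless it is one we never want to see
        elif ch == "'" and not in_double:
            in_single = True
        elif ch == '"':
            in_double = not in_double
        elif ch in "$`":
            return True  # $(...), ${...}, $VAR, `...`
        elif not in_double and ch in ";|&<>()\n":
            return True  # chaining, pipes, redirection, subshells
        i += 1
    return in_single or in_double  # unterminated quote: fail closed


def hardened_auto_approve(cmd: str):
    """Return an argv list safe to pass to subprocess.run(argv) with shell=False,
    or None when the command must instead be shown to the user for approval."""
    if has_shell_syntax(cmd):
        return None
    try:
        argv = shlex.split(cmd)
    except ValueError:
        return None
    if not argv or argv[0] not in ALLOWED_ARGV0:
        return None
    if argv[0] == "git" and (len(argv) < 2 or argv[1] not in ALLOWED_GIT_SUBCOMMANDS):
        return None
    return argv


if __name__ == "__main__":
    # Constructed sample inputs; the first has the shape the CVE text describes.
    for sample in ('git log --grep="$(id)"', "git log --grep='$(id)'",
                   "git log `id`", "git status; rm -rf /", "ls -la"):
        print(f"{sample!r:32} fragile={fragile_auto_approve(sample)!s:5} "
              f"hardened={hardened_auto_approve(sample)}")
```

The hardened path returns an argument vector precisely so the caller can execute it without a shell; if the approved string were still handed to sh -c, any gap in the scanner would again become code execution. An argv‑level allowlist is also not the end of the review: many allowlisted tools take options that change what they execute (git’s -c option, for instance, can set a pager or other helper), so each permitted subcommand still needs its own argument policy.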


Advisories

No advisories yet.

History

Wed, 01 Apr 2026 02:15:00 +0000

Type: Title
Values Removed: (none)
Values Added: Command Injection in Ridvay Code Auto‑Approval Enables Remote Code Execution

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-77, CWE-78

Tue, 31 Mar 2026 15:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it fails to account for standard shell command substitution (specifically $(...) and backticks `...`). An attacker can construct a command such as git log --grep="$(malicious_command)", forcing Syntx to misidentify it as a safe git operation and automatically approve it. The underlying shell prioritizes the execution of the malicious code injected within the arguments, resulting in Remote Code Execution without any user interaction.
References


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-31T14:19:50.344Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30314

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-31T15:16:13.233

Modified: 2026-03-31T15:16:13.233

Link: CVE-2026-30314

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T19:56:56Z

Weaknesses