Description
The TinyZero project through commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system() without proper input sanitization or escaping. User-controlled input (such as file paths) is directly interpolated into shell command strings using f-strings within the _copy() function. An attacker can inject arbitrary OS commands by supplying a specially crafted path parameter through the Hydra configuration framework. This leads to remote code execution with the privileges of the user running the TinyZero training process.
Published: 2026-05-12
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A command injection flaw exists in the TinyZero project’s HDFS file operation utilities, where user‑controlled file paths are interpolated directly into shell commands without sanitization. An attacker can supply a crafted path via the Hydra configuration framework, causing the _copy() function to execute arbitrary OS commands. This yields remote code execution with the privileges of the process that runs TinyZero training. The vulnerability is identified as CWE‑78.

Affected Systems

The flaw resides in TinyZero's HDFS file operation utilities and is present in the code base up to and including commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (the record gives the date as 2025‑58‑24, which is not a valid calendar date). It affects any deployment of TinyZero that calls these utilities with file paths taken from external configuration sources, such as Hydra config files or command‑line overrides. No affected version range is given beyond the commit reference, and no fixed commit is named.

Risk and Exploitability

No CVSS score or EPSS value is presently available, and the vulnerability is not listed in CISA's KEV catalog. The flaw permits remote code execution, so the intrinsic risk is high wherever an attacker can influence the Hydra configuration or the path values it carries; in a typical training setup that means anyone who can edit config files, pass command‑line overrides, or submit jobs to the training pipeline. Exploitation likelihood cannot be quantified from the current data, but the potential impact is severe and justifies urgent attention.

Generated by OpenCVE AI on May 12, 2026 at 17:45 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Once a patched TinyZero release that removes os.system usage from the file utilities is published, acquire and deploy it; none is available at the time of this record.
  • Disable or tightly restrict the Hydra configuration framework so that external inputs cannot specify arbitrary paths.
  • Validate and sanitize all file path inputs, rejecting or escaping shell metacharacters, and, where possible, replace os.system calls with safe file‑copy APIs.
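To make the Impact description above and the third recommended action concrete, the following is an added Python example, not TinyZero's own code. It shows the CWE-78 pattern the advisory describes (an untrusted path interpolated into a shell string destined for os.system()) beside a hardened replacement that rejects shell metacharacters with an allow-list and passes argv to subprocess without a shell. The `hdfs dfs -cp SRC DST` command line, the function names, the allow-list regex and the sample paths are assumptions made for illustration; the unsafe string is only built and tokenised, never executed.

```python
"""Added example, not TinyZero's code: the shell-string pattern the advisory
describes, beside a hardened replacement.

Assumptions made for illustration only: the command line `hdfs dfs -cp SRC DST`,
the function names below, the allow-list regex and the sample paths.
"""
import re
import shlex
import subprocess


def build_unsafe_command(src: str, dst: str) -> str:
    """The CWE-78 pattern: untrusted paths interpolated into one shell string.
    The advisory's _copy() hands such a string to os.system(); here it is only
    returned so it can be inspected without running anything."""
    return f"hdfs dfs -cp {src} {dst}"


def shell_command_count(command: str) -> int:
    """Count the ';'-separated commands a POSIX shell would run for `command`.
    shlex with punctuation_chars=True emits ';' as its own token, so an
    injected second command shows up as a second segment."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return sum(1 for tok in lexer if tok == ";") + 1


class UnsafePathError(ValueError):
    """Raised for any path outside the allow-list."""


# Allow-list (assumed for the example): an optional hdfs://host[:port] prefix
# and one or more /segments of [A-Za-z0-9._-]. Shell metacharacters, spaces
# and quotes cannot match, so they are rejected rather than escaped. This
# addresses injection only; path traversal ('..') is out of scope here.
_SAFE_PATH = re.compile(r"^(hdfs://[A-Za-z0-9._:-]+)?(/[A-Za-z0-9._-]+)+/?$")


def validate_path(path: str) -> str:
    """Return `path` unchanged if it matches the allow-list, else raise."""
    if not _SAFE_PATH.fullmatch(path):
        raise UnsafePathError(f"rejected path: {path!r}")
    return path


def is_safe_path(path: str) -> bool:
    try:
        validate_path(path)
    except UnsafePathError:
        return False
    return True


def build_safe_argv(src: str, dst: str) -> list[str]:
    """Hardened form: validated paths passed as separate argv elements.
    With shell=False no shell ever parses them, so even a loosened allow-list
    could not reintroduce command injection."""
    return ["hdfs", "dfs", "-cp", validate_path(src), validate_path(dst)]


def copy_safe(src: str, dst: str, runner=subprocess.run):
    """Drop-in replacement for an os.system(f"hdfs dfs -cp {src} {dst}") call.
    `runner` is injectable so the example runs without an hdfs binary."""
    return runner(build_safe_argv(src, dst), shell=False, check=True)


if __name__ == "__main__":
    crafted = "/tmp/out; id > /tmp/pwned"  # constructed sample input
    cmd = build_unsafe_command("/data/in", crafted)
    print(repr(cmd), "->", shell_command_count(cmd), "shell command(s)")
    print("crafted path accepted?", is_safe_path(crafted))
    print("benign path accepted?", is_safe_path("/data/out"))
    # Fake runner: returns argv instead of executing it.
    print(copy_safe("/data/in", "/data/out", runner=lambda argv, **kw: argv))
```

Escaping each interpolated value with `shlex.quote()` before `os.system()` would also stop this particular injection, but validation plus list-form `subprocess.run(..., shell=False)` removes the shell from the path entirely and is the change the third action asks for.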

Advisories

No advisories yet.

History

Tue, 12 May 2026 16:00:00 +0000

Type: Description
Values Removed: (empty)
Values Added: The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system() without proper input sanitization or escaping. User-controlled input (such as file paths) is directly interpolated into shell command strings using f-strings within the _copy() function. An attacker can inject arbitrary OS commands by supplying a specially crafted path parameter through the Hydra configuration framework. This leads to remote code execution with the privileges of the user running the TinyZero training process.
References

Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-05-12T15:19:08.952Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31226

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-12T16:16:14.530

Modified: 2026-05-12T16:16:14.530

Link: CVE-2026-31226

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T18:00:12Z

Weaknesses

No weakness.