Description
JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be interpreted as command syntax. This vulnerability is fixed in 0.x.y-security-1.
Published: 2026-05-12
Score: 8.4 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

plugin-shell's run_command function wrapped every agent-supplied command in 'sh -c' or 'cmd /C' and forwarded the full argument string to the shell parser, so shell metacharacters in agent-supplied arguments were interpreted as shell syntax. An attacker who controls those arguments can therefore inject arbitrary commands, achieving remote code execution and compromising the host's confidentiality, integrity, and availability. The weakness corresponds to command injection (CWE-77 and CWE-78).

Affected Systems

Dragonmonk111 JunoClaw, the agentic AI platform built on the Juno Network, is affected in all releases prior to v0.x.y-security-1. The vulnerable component is plugin-shell, which processes agent-supplied commands.

Risk and Exploitability

The CVSS score of 8.4 indicates high severity. An EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, which suggests no documented exploitation to date. The likely attack vector is a remote attacker sending crafted agent-supplied commands through the platform's API or command interface; the shell wrapper interprets them and executes them with the privileges of the service.

Generated by OpenCVE AI on May 12, 2026 at 17:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade JunoClaw to v0.x.y-security-1 or later to apply the vendor‑issued fix.
  • If an urgent upgrade is not possible, isolate or restrict the plugin‑shell component so that it cannot execute arbitrary commands, and disable or tightly control the API that supplies commands to the plugin.
  • In the interim, apply input validation or sanitization to any commands before they reach the shell wrapper, escaping or removing shell metacharacters to prevent unintended interpretation.
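As an added illustration of the weak wrapper pattern described above and of the two hardening options in the recommended actions (an argv call that never invokes a shell, and quoting where a shell is unavoidable), the following Python is example code written for this page, not JunoClaw's own code. The function names echo the advisory's run_command, but their bodies, the allow-list of programs, the metacharacter pattern and the sample agent argument are assumptions.

```python
import re
import shlex
import subprocess

# Constructed sample: an agent-supplied argument that carries a shell metacharacter.
# Under a string-based 'sh -c' wrapper, ';' ends the intended command and starts another.
AGENT_ARG = "hello; echo INJECTED"

# Hypothetical allow-list of programs the plugin may launch (an assumption, not JunoClaw's).
ALLOWED_PROGRAMS = {"echo", "ls"}

# Characters that carry meaning for a POSIX shell; used only by the interim deny-list check.
SHELL_META = re.compile(r"[;&|`$<>(){}\[\]*?~\n\\\"']")


def run_command_wrapped(program: str, arg: str) -> str:
    """The weak pattern the advisory describes: program and argument are joined into
    one string and handed to 'sh -c', so the shell parser treats the argument as syntax."""
    proc = subprocess.run(["sh", "-c", f"{program} {arg}"],
                          capture_output=True, text=True, check=False)
    return proc.stdout


def run_command_argv(program: str, arg: str) -> str:
    """Hardened form: pass an argv list and never invoke a shell. The argument reaches
    the program as a single token, so metacharacters are ordinary characters in it."""
    proc = subprocess.run([program, arg], capture_output=True, text=True, check=False)
    return proc.stdout


def run_command_quoted(program: str, arg: str) -> str:
    """If a shell really is required (for example, a pipeline the plugin itself builds),
    quote every agent-supplied value with shlex.quote before it enters the command string."""
    cmd = f"{program} {shlex.quote(arg)}"
    proc = subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=False)
    return proc.stdout


def validate_agent_command(program: str, arg: str) -> None:
    """Interim input validation from the recommended actions: reject programs outside
    the allow-list and any argument containing shell metacharacters (raises ValueError)."""
    if program not in ALLOWED_PROGRAMS:
        raise ValueError(f"program not allowed: {program!r}")
    if SHELL_META.search(arg):
        raise ValueError(f"shell metacharacter in argument: {arg!r}")


def run_command_validated(program: str, arg: str) -> str:
    """Defence in depth: validate first, then run without a shell."""
    validate_agent_command(program, arg)
    return run_command_argv(program, arg)


if __name__ == "__main__":
    # The wrapped form prints two lines ("hello" and "INJECTED"): the ';' was parsed as syntax.
    print("wrapped  :", repr(run_command_wrapped("echo", AGENT_ARG)))
    # Both hardened forms print the argument literally as one line.
    print("argv     :", repr(run_command_argv("echo", AGENT_ARG)))
    print("quoted   :", repr(run_command_quoted("echo", AGENT_ARG)))
    try:
        run_command_validated("echo", AGENT_ARG)
    except ValueError as exc:
        print("validated:", exc)
```

Running the block on a POSIX host shows the difference directly: the wrapped call yields two output lines because the shell split the string, while the argv and quoted calls yield the argument unchanged. The deny-list check is only a stopgap for the interim period; the durable fix is the argv form, which removes the shell parser from the path entirely.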

Generated by OpenCVE AI on May 12, 2026 at 17:37 UTC.

Tracking


Advisories

No advisories yet.

History

Tue, 12 May 2026 20:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 12 May 2026 16:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' / 'cmd /C' and passed the full argument string to the shell's parser, allowing shell metacharacters in agent-supplied arguments to be interpreted as command syntax. This vulnerability is fixed in 0.x.y-security-1.

Type: Title
Values Removed: (none)
Values Added: JunoClaw: plugin-shell shell-metacharacter injection via shell wrapper

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-77, CWE-78

Type: References
Values Removed: (none)
Values Added: (empty in the record)

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1 {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-12T19:01:36.775Z

Reserved: 2026-05-04T20:24:31.917Z

Link: CVE-2026-43990

Vulnrichment

Updated: 2026-05-12T19:01:31.405Z

NVD

Status : Received

Published: 2026-05-12T17:16:20.953

Modified: 2026-05-12T17:16:20.953

Link: CVE-2026-43990

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-12T17:45:20Z

Weaknesses