Description
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety scan (assertSafeBackendBundle). A malicious extension that ships a package.json with a preinstall, postinstall, or prepare lifecycle script achieves host-level code execution the moment an admin presses Install before any dist file is inspected. This vulnerability is fixed in 0.9.7.
Published: 2026-05-26
Score: 9.1 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A malicious Lumiverse extension can supply a package.json containing preinstall, postinstall, or prepare lifecycle scripts. During the build pipeline for the Spindle extension, bun install is executed without the --ignore-scripts flag before the static backend safety scan (assertSafeBackendBundle) runs. When an administrator installs this extension, the lifecycle scripts execute immediately, allowing the attacker to run arbitrary code with host privileges. This flaw is classified as CWE-78 (OS command injection) and results in full compromise of the system where Lumiverse runs.

Affected Systems

The affected product is Lumiverse in versions prior to 0.9.7, specifically its Spindle extension build pipeline. No patched versions are listed beyond the fixed release 0.9.7. Hosts running the Lumiverse chat application on which administrators can install Spindle extensions are at risk.

Risk and Exploitability

The CVSS score of 9.1 indicates critical severity. The EPSS score is not available, so the current exploit probability is uncertain, but the vulnerability was publicly disclosed and listed in a GitHub advisory, suggesting that it may be actively exploited. The vulnerability is not listed in the CISA KEV catalog. Attackers need administrative privileges to install the extension, but once the administrator acts, the attack is immediate and requires no further interaction.

Generated by OpenCVE AI on May 26, 2026 at 21:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Lumiverse to version 0.9.7 or later, which includes the --ignore-scripts flag in the build pipeline and removes the risk of untrusted scripts executing before the safety scan.
  • Restrict the ability to install extensions to trusted administrators and verify the integrity of source code before enabling installation.
  • Configure your package manager to default to --ignore-scripts or disable lifecycle scripts in production environments as an additional safety layer when installing extensions.
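The check below is an added, defender-side illustration of the invariant the 0.9.7 fix restores; it is not code from Lumiverse. It reads an extension's package.json, refuses the install when lifecycle hooks are declared (they would never run under --ignore-scripts, so their presence is itself a signal), and otherwise returns the bun argv with --ignore-scripts so nothing can execute before the backend bundle is scanned. The two package.json samples are constructed, and the hook name "install" is my addition to the three named in the advisory.

```python
import json

# Root-package lifecycle hooks that `bun install` runs unless --ignore-scripts
# is passed: the three named in the advisory plus "install" (my addition).
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed sample: an extension that smuggles a postinstall hook.
SAMPLE_MALICIOUS = """{
  "name": "example-spindle-ext",
  "version": "1.0.0",
  "scripts": {"build": "tsc", "postinstall": "node ./setup.js"}
}"""

# Constructed sample: an extension with only a build script.
SAMPLE_CLEAN = """{
  "name": "clean-ext",
  "version": "1.0.0",
  "scripts": {"build": "tsc"}
}"""


def lifecycle_scripts(package_json_text: str) -> dict:
    """Return the lifecycle hooks declared in package.json as name -> command."""
    pkg = json.loads(package_json_text)
    scripts = pkg.get("scripts") or {}
    if not isinstance(scripts, dict):
        raise ValueError('"scripts" must be a JSON object')
    return {name: cmd for name, cmd in scripts.items() if name in LIFECYCLE_HOOKS}


def plan_install(package_json_text: str) -> list:
    """Return the bun argv for this extension, or raise if it declares hooks.

    --ignore-scripts is passed unconditionally: even a package with no hooks
    today must not be able to run code before the static scan
    (assertSafeBackendBundle) has inspected the built dist files.
    """
    hooks = lifecycle_scripts(package_json_text)
    if hooks:
        names = ", ".join(sorted(hooks))
        raise RuntimeError(f"refusing to install: lifecycle hooks declared ({names})")
    return ["bun", "install", "--ignore-scripts"]


if __name__ == "__main__":
    print(plan_install(SAMPLE_CLEAN))
    try:
        plan_install(SAMPLE_MALICIOUS)
    except RuntimeError as err:
        print(err)
```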

Advisories

No advisories yet.

History

Tue, 26 May 2026 20:30:00 +0000

Values removed: none

Values added:
  Description: Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety scan (assertSafeBackendBundle). A malicious extension that ships a package.json with a preinstall, postinstall, or prepare lifecycle script achieves host-level code execution the moment an admin presses Install before any dist file is inspected. This vulnerability is fixed in 0.9.7.
  Title: Lumiverse: Spindle extension install runs untrusted lifecycle scripts before security scan
  Weaknesses: CWE-78
  References:
  Metrics: cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-26T20:01:03.872Z

Reserved: 2026-05-06T15:49:25.192Z

Link: CVE-2026-44444

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-26T21:16:37.897

Modified: 2026-05-26T21:16:37.897

Link: CVE-2026-44444

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T21:30:16Z

Weaknesses