Description
Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation. smbclient interprets ; as a subcommand separator and !cmd as a local-shell escape that runs cmd on the host. A path whose directory component is clean but whose basename contains "; !<cmd>; echo " achieves arbitrary command execution on the Lumiverse server. This vulnerability is fixed in 0.9.7.
Published: 2026-05-26
Score: 9.1 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Lumiverse, a full-featured AI chat application, had a severe flaw in its handling of SMB paths. When the primary toSmbPath(fullPath) operation throws an exception, the code falls back to splitting the path into a directory and a basename, but only validates the directory part. The basename is then inserted directly into an smbclient "-c" script without sanitization. smbclient interprets the semicolon as a subcommand separator and the sequence !cmd as a local-shell escape that runs cmd on the host, so unvalidated basename text becomes injected shell commands. By crafting a path whose directory component is clean yet whose basename contains a sequence like "; !<cmd>; echo ", the attacker can execute <cmd> on the Lumiverse server with the privileges of the running process.

Affected Systems

The vulnerability affects Lumiverse versions older than 0.9.7, released by prolix-oc. Any Lumiverse deployment that has not yet been upgraded to version 0.9.7 or later is exposed.

Risk and Exploitability

The CVSS 3.1 base score of 9.1 indicates a critical impact. Although no EPSS score is available and the issue is not listed in CISA's KEV catalog, the flaw is a straightforward command injection: an attacker who can supply a path to the affected SMB exists() operation (the CVSS vector rates the required privileges as high, PR:H) gets arbitrary command execution on the Lumiverse host via smbclient's -c scripting. That would allow attackers to run arbitrary commands on the server, potentially compromising the confidentiality, integrity, and availability of the server and any services running on it.

Generated by OpenCVE AI on May 26, 2026 at 21:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Lumiverse to version 0.9.7 or later.
  • If upgrading is delayed, restrict SMB client access to trusted hosts only.
  • Monitor SMB and application logs for suspicious command injection attempts, and configure alerts for path arguments that contain semicolons or !cmd patterns before they reach smbclient.

Advisories

No advisories yet.

History

Tue, 26 May 2026 20:30:00 +0000

Type          Values Removed   Values Added
Description                    Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation. smbclient interprets ; as a subcommand separator and !cmd as a local-shell escape that runs cmd on the host. A path whose directory component is clean but whose basename contains "; !<cmd>; echo " achieves arbitrary command execution on the Lumiverse server. This vulnerability is fixed in 0.9.7.
Title                          Lumiverse: SMB `exists()` basename injection via smbclient `!cmd` escape
Weaknesses                     CWE-88
References
Metrics                        cvssV3_1 {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H'}


Subscriptions

No data.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-26T20:00:12.090Z

Reserved: 2026-05-06T15:49:25.192Z

Link: CVE-2026-44449

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-26T21:16:38.037

Modified: 2026-05-26T21:16:38.037

Link: CVE-2026-44449

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-26T21:30:16Z

Weaknesses