Description
python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled tool_args values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c (Unix) or powershell.exe -Command (Windows), allowing an attacker to inject arbitrary shell commands. This vulnerability is fixed in 1.1.3.
Published: 2026-05-14
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in python-utcp causes user-supplied tool_args to be concatenated directly into shell command strings that are later executed via /bin/bash or powershell.exe. This unsanitized insertion permits an attacker to inject arbitrary shell commands, effectively gaining remote command execution on the host where the protocol runs. The weakness is classified as CWE-78, reflecting command injection vulnerabilities. The CVSS score of 8.3 indicates a high severity risk when exploitable.

Affected Systems

The vulnerability exists in the universal-tool-calling-protocol python-utcp package for all releases older than 1.1.3. The fix was introduced in version 1.1.3, removing the unsafe argument substitution mechanism.

Risk and Exploitability

With a CVSS rating of 8.3, the risk is high, but no EPSS data is currently available, and the flaw is not listed in CISA’s KEV catalog. Attackers must be able to influence the tool_args parameter, which is typically exposed to users of the CLI protocol. When an attacker can control that input, they can execute arbitrary commands in the environment where python-utcp runs, potentially compromising confidentiality, integrity, and availability of the system.

Generated by OpenCVE AI on May 14, 2026 at 21:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to python-utcp version 1.1.3 or later to eliminate the unsafe argument substitution logic.
  • Identify all systems running python-utcp and isolate those using versions older than 1.1.3.
  • Implement least‑privilege execution for the protocol or restrict its network exposure while the update is deployed.
  • Continuously monitor system logs for signs of command‑execution attempts to detect exploitation.

Generated by OpenCVE AI on May 14, 2026 at 21:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-33p6-5jxp-p3x4 utcp-cli Vulnerable to Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
History

Thu, 14 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled tool_args values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c (Unix) or powershell.exe -Command (Windows), allowing an attacker to inject arbitrary shell commands. This vulnerability is fixed in 1.1.3.
Title python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 8.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-14T20:14:50.993Z

Reserved: 2026-05-12T00:51:29.085Z

Link: CVE-2026-45369

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2026-05-14T21:16:48.220

Modified: 2026-05-15T14:44:49.877

Link: CVE-2026-45369

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-14T22:00:10Z

Weaknesses