Description
Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream without verifying that the hooks were emitted by Warp's shell integration for the active session. An attacker who could cause a victim to view attacker-controlled terminal output in Warp could spoof selected lifecycle metadata, including the current working directory reported for the active block or SSH session transport metadata. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.
Published: 2026-06-24
Score: 4.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An attacker who can cause a victim to view attacker-controlled terminal output in Warp can use the lack of verification of state‑mutating lifecycle hooks to spoof metadata. This allows the spoofed metadata to include the current working directory or SSH transport details, leading to misleading session information. The flaw is a direct consequence of accepting hooks from the PTY stream without validating their origin and is classified under CWE-78 and CWE-88.

Affected Systems

Warps the open‑source agentic development environment with product code name Warp. The vulnerability exists in releases starting from 0.2021.04.25.23.05.stable_00 through 0.2026.05.06.15.42.stable_01. Any installation of these versions running on a machine where an attacker can inject terminal output is impacted.

Risk and Exploitability

The CVSS score of 4.3 indicates moderate impact. Exploitation requires that the attacker is able to steer terminal output to the vulnerable Warp instance, which is commonly a local or user‑level threat. The EPSS score is unavailable, and the vulnerability is not currently listed in CISA KEV. Given the lack of remote code execution, the immediate risk is the ability to deceive users by presenting incorrect session information rather than allowing arbitrary code execution.

Generated by OpenCVE AI on June 24, 2026 at 20:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Warp to 0.2026.05.06.15.42.stable_01 or newer, which eliminates the acceptance of unverified lifecycle hooks.
  • If an upgrade is not possible, restrict terminal output to trusted processes and users and monitor for unexpected lifecycle hook patterns.
  • Follow Warp security best practices: regularly check the Warp repository for updates and verify that only Warp’s shell integration emits lifecycle hooks in production environments.

Generated by OpenCVE AI on June 24, 2026 at 20:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 26 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Warpdotdev
Warpdotdev warp
Vendors & Products Warpdotdev
Warpdotdev warp

Thu, 25 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 24 Jun 2026 18:00:00 +0000

Type Values Removed Values Added
Description Warp is an agentic development environment. From 0.2021.04.25.23.05.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepted certain state-mutating terminal lifecycle hooks from the PTY stream without verifying that the hooks were emitted by Warp's shell integration for the active session. An attacker who could cause a victim to view attacker-controlled terminal output in Warp could spoof selected lifecycle metadata, including the current working directory reported for the active block or SSH session transport metadata. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.
Title Warp: DCS lifecycle hook spoofing can alter terminal session metadata
Weaknesses CWE-78
CWE-88
References
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-25T17:05:10.711Z

Reserved: 2026-06-15T22:53:58.561Z

Link: CVE-2026-54686

cve-icon Vulnrichment

Updated: 2026-06-25T17:05:06.682Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T09:40:41Z

Weaknesses
  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

  • CWE-88

    Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')