Description
A security flaw has been discovered in Agions taskflow-ai up to version 2.1.8. It affects an unknown function in the file src/mcp/server/handlers.ts of the component terminal_execute. Manipulation of the input results in OS command injection. The attack can be carried out remotely. Upgrading to version 2.1.9 fixes this issue; the patch is commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Published: 2026-04-09
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Patch Now
AI Analysis

Impact

The vulnerability is an OS command injection flaw in the terminal_execute handler in src/mcp/server/handlers.ts. An attacker can supply crafted input that the service executes as a shell command, resulting in arbitrary command execution on the host. This lets the attacker read, modify, or delete data, and disrupt or take control of the system. The weakness is classified under both CWE-77 (Command Injection) and CWE-78 (OS Command Injection).

Affected Systems

All deployments of Agions taskflow-ai at version 2.1.8 or earlier are affected. The issue is resolved in release 2.1.9, which contains commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe.

Risk and Exploitability

The CVSS 4.0 score of 5.3 indicates moderate severity. No EPSS data is available, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited publicly known exploitation. Because the flaw can be triggered remotely, the likelihood of exploitation is significant wherever the terminal_execute interface is reachable from untrusted networks.

Generated by OpenCVE AI on April 9, 2026 at 04:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to Agions taskflow-ai version 2.1.9 or later.
  • Deploy the version that contains commit c1550b445b9f24f38c4414e9a545f5f79f23a0fe.
  • If an upgrade is not immediately possible, limit network access to the terminal_execute endpoint to trusted sources only.
  • Monitor logs for unusual command executions or injection attempts and investigate promptly.
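As an added illustration of the flaw described under Impact and of the hardening the actions above call for, the hypothetical handler below is not taskflow-ai's code (the page does not reproduce the real handler): it shows the vulnerable "build a shell string from the request" pattern as a comment, then a replacement that allow-lists the executable, validates each argument and spawns the program through execFile with an argv array and no shell. ALLOWED_COMMANDS, SAFE_ARG, planCommand and runPlanned are names chosen here, and the allow-list values are constructed examples.

```javascript
// Added example, not taskflow-ai's code.  A "terminal_execute"-style handler
// that builds a shell string from caller input, for instance
//   exec(`${request.command}`)            // vulnerable pattern (hypothetical)
// lets metacharacters such as ; | ` $( ) chain extra commands.  The hardened
// version below never starts a shell: the executable must be allow-listed,
// every argument must match a conservative token pattern, and the program is
// spawned with an argv array via execFile.

// Constructed allow-list of programs this tool may run (example values only).
// In a real deployment, also restrict which flags each program may take.
const ALLOWED_COMMANDS = new Set(["ls", "cat", "wc"]);

// A single argument may contain only these characters; anything a shell would
// interpret (spaces, quotes, $, backticks, ; | & > < ( )) is rejected.
const SAFE_ARG = /^[A-Za-z0-9_.\/@:=+-]+$/;

// Pure validation step: turns { command: "ls -la src" } into an argv plan.
// Returns { ok: true, file, args } or { ok: false, reason }.  Keeping this
// separate from execution makes it unit-testable without spawning anything.
function planCommand(request) {
  if (!request || typeof request.command !== "string") {
    return { ok: false, reason: "command must be a string" };
  }
  const [file, ...args] = request.command.trim().split(/\s+/);
  if (!ALLOWED_COMMANDS.has(file)) {
    return { ok: false, reason: `command not allowed: ${file}` };
  }
  const bad = args.find((a) => !SAFE_ARG.test(a));
  if (bad !== undefined) {
    return { ok: false, reason: `unsafe argument: ${bad}` };
  }
  return { ok: true, file, args };
}

// Execution step: runs a plan with execFile (argv array, shell: false) and a
// timeout, so arguments reach the program literally and are never parsed by
// a shell.  Throws if the plan was rejected by planCommand.
async function runPlanned(plan, cwd = process.cwd()) {
  if (!plan.ok) throw new Error(`rejected: ${plan.reason}`);
  const { execFile } = await import("node:child_process");
  return new Promise((resolve, reject) => {
    execFile(plan.file, plan.args, { shell: false, timeout: 10000, cwd },
      (err, stdout, stderr) => (err ? reject(err) : resolve({ stdout, stderr })));
  });
}
```

Rejected plans are a useful log signal for the monitoring action above: every `reason` names the token that tripped the check, which is exactly what an injection attempt would carry.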

Advisories

No advisories yet.

History

Thu, 09 Apr 2026 08:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Agions, Agions taskflow-ai
Vendors & Products  |                | Agions, Agions taskflow-ai

Thu, 09 Apr 2026 02:15:00 +0000

Type        | Values Removed | Values Added
Description |                | A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown function of the file src/mcp/server/handlers.ts of the component terminal_execute. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. Upgrading to version 2.1.9 will fix this issue. The patch is named c1550b445b9f24f38c4414e9a545f5f79f23a0fe. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Title       |                | Agions taskflow-ai terminal_execute handlers.ts os command injection
Weaknesses  |                | CWE-77, CWE-78
References  |                |
Metrics     |                | cvssV2_0: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C)
            |                | cvssV3_0: 6.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C)
            |                | cvssV3_1: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C)
            |                | cvssV4_0: 5.3 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X)


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-09T01:45:15.048Z

Reserved: 2026-04-08T17:03:08.021Z

Link: CVE-2026-5831

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-04-09T02:16:18.110

Modified: 2026-04-09T02:16:18.110

Link: CVE-2026-5831

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-09T08:25:17Z

Weaknesses