Description
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded to the bridge session manager and executed through the shared shell subprocess helper, allowing them to spawn shell sessions as the OpenHarness process user and access local files, credentials, workspace state, and repository contents.
Published: 2026-04-30
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. The flaw is an OS command injection (CWE-78) that forwards attacker-controlled command text to a shared shell subprocess helper, enabling the attacker to spawn shell sessions as the OpenHarness process user and access local files, credentials, workspace state, and repository contents.

Affected Systems

The affected product is OpenHarness by HKUDS. No specific version numbers are listed in the advisory, so any installation of OpenHarness that includes the /bridge feature and accepts remote slash commands may be vulnerable.

Risk and Exploitability

The CVSS score of 8.7 reflects the high impact of the flaw. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting no known widespread exploitation yet. It is inferred that the attack vector is remote, requiring an attacker to be able to send slash commands that the system accepts – typically via a chat interface, API, or other communication channel. If the system is configured to receive such commands from external senders, the attacker can use the injected commands to read local files, steal credentials, and modify repository contents.

Generated by OpenCVE AI on May 2, 2026 at 00:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade OpenHarness to the latest release that contains the fix for the /bridge slash command
  • Restrict the /bridge slash command by allowing only authenticated and authorized users or whitelisted IP ranges; disable the feature if it is not required
  • If a patch is not immediately available, block or remove the /bridge endpoint from the public interface, or apply a firewall rule that prohibits external connections to the port used by the OpenHarness process

Generated by OpenCVE AI on May 2, 2026 at 00:13 UTC.

Advisories

No advisories yet.

History

Fri, 01 May 2026 22:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc
{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 22:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Hkuds; Hkuds openharness

Type: Vendors & Products
Values Removed: (none)
Values Added: Hkuds; Hkuds openharness

Thu, 30 Apr 2026 21:45:00 +0000

Type: Description
Values Removed: (none)
Values Added: HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text that is forwarded to the bridge session manager and executed through the shared shell subprocess helper, allowing them to spawn shell sessions as the OpenHarness process user and access local files, credentials, workspace state, and repository contents.

Type: Title
Values Removed: (none)
Values Added: HKUDS OpenHarness Remote Command Execution via /bridge Slash Command

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-78

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1
{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
cvssV4_0
{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-01T21:21:41.898Z

Reserved: 2026-04-30T19:04:00.304Z

Link: CVE-2026-7551

Vulnrichment

Updated: 2026-05-01T21:21:37.244Z

NVD

Status : Awaiting Analysis

Published: 2026-04-30T22:16:27.097

Modified: 2026-05-01T15:29:35.903

Link: CVE-2026-7551

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-02T00:15:06Z

Weaknesses