CVE-2026-36044
Status: Deferred - Pending Action
OS Command Injection in @pensar/apex Tool

Publication date: 2026-05-27

Last updated on: 2026-06-03

Assigner: MITRE

Description
@pensar/apex <= 0.0.58 is vulnerable to OS command injection via the smart_enumerate tool. The createSmartEnumerateTool() function in src/core/agent/tools.ts constructs a shell command by concatenating unsanitized values from the extensions array and url parameter into a string passed to Node.js child_process.exec(). Because exec() spawns a shell, shell metacharacters in those values are interpreted by the host shell, resulting in arbitrary OS command execution with the privileges of the running process. NOTE: this is disputed by the Supplier because the report is about intended behavior, as explained in the Security Policy of the pensarai/apex GitHub repo.
Meta Information
Published: 2026-05-27
Last Modified: 2026-06-03
Generated: 2026-06-16
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE
Vendor: pensar | Product: apex | Version / Range: all versions before 0.0.59 (0.0.59 excluded, i.e. <= 0.0.58)
CWE
CWE-78, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Compliance Impact

CVE-2026-36044 allows arbitrary OS command execution with the privileges of the running process, which can lead to information disclosure such as reading files and exfiltrating credentials. This poses a significant risk to the confidentiality and integrity of sensitive data.

Because the vulnerability can result in unauthorized access to sensitive information, it may cause non-compliance with data protection regulations and standards like GDPR and HIPAA, which require strict controls to protect personal and health-related data.

The vulnerability's potential to cause denial of service and arbitrary code execution further increases the risk of violating security requirements mandated by these regulations.

Executive Summary

CVE-2026-36044 is an OS command injection vulnerability (CWE-78) in the @pensar/apex package affecting versions 0.0.58 and earlier. No CVSS score is recorded on this page, and the supplier disputes the report, describing the behavior as intended (see the Description).

The flaw exists in the createSmartEnumerateTool() function within the src/core/agent/tools.ts file, where unsanitized user input from the extensions array and url parameter is concatenated into a shell command executed via Node.js's child_process.exec().

Because exec() spawns a shell, shell metacharacters in those inputs are interpreted by the host shell, allowing attackers to inject arbitrary OS commands.

This results in full command execution with the privileges of the running process.

The vulnerability can be exploited either by directly invoking the smart_enumerate tool with malicious input or through prompt injection, where an attacker controls a target server to manipulate the LLM agent into executing the vulnerable function.

Impact Analysis

This vulnerability allows attackers to execute arbitrary OS commands with the privileges of the running process.

  • Arbitrary code execution
  • Information disclosure, such as reading files and exfiltrating credentials
  • Denial of service, including killing processes or deleting files

Since @pensar/apex often runs on developer workstations with access to sensitive data, the risk and potential impact are particularly high.

Detection Guidance

The vulnerable function itself is invisible to process monitors; what they can see is its side effect. On POSIX hosts exec() runs its command string through /bin/sh -c (cmd.exe on Windows), so exploitation shows up as a shell child of a node process whose -c argument carries shell metacharacters (;, &&, ||, |, $( ), backticks) around a smart_enumerate invocation.

  • Collect process-execution telemetry (auditd execve records, EDR process-creation events) on hosts that run @pensar/apex and alert on sh/bash -c children of node whose command line contains those metacharacters. A point-in-time look with 'ps' or 'top' only catches an injected command that is still running.
  • If the agent's tool calls or transcripts are written to disk, search them for extensions or url values containing metacharacters, for example: `grep -rE 'smart_enumerate.*[;&|$]' <agent log directory>`. Do not expect exec()'d commands to appear in /var/log by default; exec() does not log what it runs.
  • Monitor for unusual outbound connections or data transfers from developer workstations running @pensar/apex.
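An added detection example, written for this page rather than taken from the project: because Node's child_process.exec() runs `/bin/sh -c <command>` on POSIX, the trace of this bug class in process telemetry is a shell spawned by a node process whose -c string contains metacharacters. The event shape (ExecEvent) and the sample events below are constructed for this example; map them onto your own auditd or EDR fields before use.

```typescript
// Added example (not code from @pensar/apex): a heuristic over process
// execution events. Field names and the sample events are constructed.
export interface ExecEvent {
  ts: string;          // event timestamp (constructed)
  parentComm: string;  // short name of the parent process
  argv: string[];      // argv of the newly executed process
}

// Shell binaries as they appear in argv[0] after `/bin/sh -c` (exec() uses /bin/sh).
const SHELLS = new Set(["sh", "bash", "dash", "/bin/sh", "/bin/bash", "/usr/bin/dash"]);

// Tokens that change which command the shell runs: separators, pipes,
// command substitution, redirection, newlines.
const META_RE = /[;&|`$()<>\n]/;

// True when a node process spawned a shell with -c and the command string
// contains metacharacters. Legitimate exec() pipelines also match, so tune
// SHELLS/META_RE and the parent filter to your environment.
export function isSuspiciousExec(ev: ExecEvent): boolean {
  if (ev.parentComm !== "node") return false;
  const [shell, flag, cmd] = ev.argv;
  if (!shell || !SHELLS.has(shell) || flag !== "-c" || typeof cmd !== "string") return false;
  return META_RE.test(cmd);
}

export function flagSuspicious(events: ExecEvent[]): ExecEvent[] {
  return events.filter(isSuspiciousExec);
}

// Constructed sample telemetry; "enumerate-tool" is a hypothetical binary.
export const SAMPLE_EVENTS: ExecEvent[] = [
  // benign exec(): node -> sh -c with plain arguments
  { ts: "2026-05-27T10:00:01Z", parentComm: "node",
    argv: ["/bin/sh", "-c", "enumerate-tool -u http://t.example/ -x php,bak"] },
  // injected value in the extensions position
  { ts: "2026-05-27T10:00:07Z", parentComm: "node",
    argv: ["/bin/sh", "-c", "enumerate-tool -u http://t.example/ -x php; id"] },
  // a human's interactive pipeline: wrong parent, not flagged
  { ts: "2026-05-27T10:01:00Z", parentComm: "zsh",
    argv: ["bash", "-c", "ls | wc -l"] },
  // execFile()-style spawn from node: no shell involved, not flagged
  { ts: "2026-05-27T10:02:00Z", parentComm: "node",
    argv: ["enumerate-tool", "-u", "http://t.example/", "-x", "php; id"] },
];

export function flaggedTimestamps(): string[] {
  return flagSuspicious(SAMPLE_EVENTS).map((e) => e.ts);
}
```

The fourth sample is the point of the execFile() mitigation: the same hostile value reaches the child as a single argv entry and never meets a shell, so nothing in the command string is interpreted.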
Mitigation Strategies

The supplier disputes this report and has not changed the behavior, so do not wait for a fixed release: treat 0.0.58 and earlier (the only versions listed) as vulnerable, and do not point smart_enumerate at targets you do not control.

If you run or fork the package, implement your own mitigations:

  • Replace child_process.exec() with execFile() (or spawn() without shell: true), passing the URL and each extension as separate argv entries so that no shell ever parses them.
  • Validate the extensions array against an allowlist (alphanumeric extension names only) and parse the url parameter with the URL class, accepting only http and https, before either value reaches any command.
  • Run the agent as an unprivileged user, in a container or VM with no credentials mounted and restricted egress, so that an injected command gains little. Because the second attack vector is prompt injection from a server the agent scans, treat tool inputs as attacker-controlled.
  • Monitor closely for signs of exploitation and isolate workstations on which the tool was run against untrusted targets.
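As an added illustration of the pattern the advisory describes and of the execFile() replacement listed above (example code written for this page, not code from @pensar/apex): the tool name enumerate-tool and its -u/-x flags are hypothetical stand-ins for whatever smart_enumerate actually wraps, since the page does not name it. The last function runs node itself in place of the enumerator so you can see that a value such as `php; id #` arrives at the child as one literal argument.

```typescript
// Added example (not code from @pensar/apex): the string-building pattern
// the advisory describes, beside a hardened variant. "enumerate-tool" and
// its -u/-x flags are hypothetical placeholders.
import { execFileSync } from "node:child_process";

const ENUMERATOR = "enumerate-tool"; // hypothetical binary the tool wraps

// Vulnerable shape: caller-controlled values interpolated into one string
// that child_process.exec() would hand to `/bin/sh -c`. Anything after ";"
// in an extension becomes a second shell command.
export function buildVulnerableCommand(url: string, extensions: string[]): string {
  return `${ENUMERATOR} -u ${url} -x ${extensions.join(",")}`;
}

// Hardened shape: allowlist each extension, parse the URL, and keep every
// value as its own argv entry for execFile(), which spawns no shell.
const EXTENSION_RE = /^[A-Za-z0-9]{1,16}$/;

export function buildSafeInvocation(
  url: string,
  extensions: string[],
): { file: string; args: string[] } {
  let parsed: URL;
  try {
    parsed = new URL(url);
  } catch {
    throw new Error(`rejected url: ${JSON.stringify(url)}`);
  }
  if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
    throw new Error(`rejected url scheme: ${parsed.protocol}`);
  }
  for (const ext of extensions) {
    if (!EXTENSION_RE.test(ext)) {
      throw new Error(`rejected extension: ${JSON.stringify(ext)}`);
    }
  }
  // A URL path may legitimately contain ";" or "&"; that is harmless here
  // because the string is passed as a single argv entry, never to a shell.
  return { file: ENUMERATOR, args: ["-u", parsed.toString(), "-x", extensions.join(",")] };
}

// What a spawned program sees when values travel as argv entries: node
// stands in for the enumerator and echoes its own argv back as JSON.
// "--" ends node's option parsing so flags like -x are not consumed by node.
export function argvSeenByChild(args: string[]): string[] {
  const out = execFileSync(
    process.execPath,
    ["-e", "console.log(JSON.stringify(process.argv.slice(1)))", "--", ...args],
    { encoding: "utf8" },
  );
  return JSON.parse(out) as string[];
}
```

Keep the allowlist even though execFile() alone defeats the shell: the downstream enumerator has its own parser, and a value like `php; id #` is still garbage input to it, so rejecting it early is cheaper than discovering what the tool does with it.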