CVE-2026-48719
Received - Intake
BaseFortify

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description
Warp is an agentic development environment. From 0.2025.08.06.08.12.stable_00 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection in the prompt branch selector. A user who can publish a branch to a Git repository opened in Warp can cause a crafted branch name to be interpreted by the victim's shell if the victim selects that branch from the UI. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.
Meta Information
Published: 2026-06-24
Last Modified: 2026-06-24
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
warp warp From 0.2025.08.06.08.12.stable_00 (inc) to 0.2026.05.06.15.42.stable_01 (inc)
warpdotdev warp From 0.2025.08.06.08.12.stable_00 (inc) to 0.2026.05.06.15.42.stable_01 (inc)
warpdotdev warp 0.2026.05.14.19.31.stable_00
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Mitigation Strategies

To mitigate this vulnerability, update Warp to version 0.2026.05.06.15.42.stable_01 or later, where the command injection issue in the prompt branch selector has been fixed.

Compliance Impact

CVE-2026-48719 is a high-severity command injection vulnerability that allows arbitrary command execution with the victim's local shell privileges. This can lead to unauthorized access, modification, or disruption of data and system integrity.

Such unauthorized access and potential data compromise could negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and system integrity.

Organizations that run affected versions of Warp without applying the patch or otherwise mitigating the vulnerability risk data breaches or system compromise, which may result in non-compliance with these regulations.

Detection Guidance

This vulnerability involves command injection through the prompt branch selector in Warp when a user selects a crafted branch name from a Git repository. Detection involves identifying if your Warp terminal version is between 0.2025.08.06.08.12.stable_00 and 0.2026.05.06.15.42.stable_01, and if you are using the branch selector feature with repositories where untrusted users can publish branches.

Since the vulnerability triggers when a malicious branch name is selected, you can detect potential exploitation by monitoring for unusual shell command executions or suspicious branch names in repositories opened in Warp.

There are no specific detection commands provided in the resources. However, general approaches include:

  • Check your Warp version to confirm if it is vulnerable: run `warp --version` or check the application version in its UI.
  • Audit Git branch names in repositories you open with Warp for suspicious or unusual characters that could be used for command injection.
  • Monitor shell history or logs for unexpected commands executed when interacting with the branch selector.
  • Avoid using the branch selector on repositories where untrusted users can publish branches until you update Warp to a fixed version.
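
The branch-name audit from the list above, sketched in Python as an added example (not code from Warp or from this advisory's resources): it lists local and remote-tracking branches with `git for-each-ref` and flags names containing characters a POSIX shell treats specially. The character set and the sample ref names are constructed assumptions; a flagged name is a prompt for review, not proof of exploitation.

```python
import re
import subprocess
import sys

# Assumed character set: shell-special characters that Git still permits in
# ref names, plus whitespace/control characters (Git rejects those, but other
# sources of branch names, such as API exports, may not).
SHELL_SPECIAL = re.compile(r"[;&|$`<>(){}!'\"\s\x00-\x1f\x7f]")

def suspicious_chars(name: str) -> list[str]:
    """Return the distinct shell-special characters in a ref name, in order."""
    seen = []
    for ch in SHELL_SPECIAL.findall(name):
        if ch not in seen:
            seen.append(ch)
    return seen

def audit_refs(names):
    """Map each flagged ref name to the characters that triggered the flag."""
    return {n: hits for n in names if (hits := suspicious_chars(n))}

def list_refs(repo="."):
    """Local and remote-tracking branch names from git for-each-ref.

    Git is invoked with an argument list, so no shell parses the output or
    the repository path.
    """
    out = subprocess.run(
        ["git", "-C", repo, "for-each-ref", "--format=%(refname:short)",
         "refs/heads", "refs/remotes"],
        capture_output=True, text=True, check=True).stdout
    return out.splitlines()

# Constructed sample ref names (not taken from any real repository).
SAMPLE_REFS = [
    "main",
    "feature/login-form",
    "origin/release-2.1",
    "origin/fix;PLACEHOLDER",       # constructed: command separator
    "origin/topic-$(PLACEHOLDER)",  # constructed: command substitution
]

if __name__ == "__main__":
    # With a path argument, audit that repository; otherwise use the samples.
    refs = list_refs(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_REFS
    for name, hits in audit_refs(refs).items():
        # repr() keeps control characters from reaching the terminal raw.
        print(f"{name!r}: contains {' '.join(hits)}")
```

Run it after `git fetch` and before opening the repository in an affected Warp version, so that newly published remote branches are included in the audit.
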
Executive Summary

This vulnerability exists in Warp, an agentic development environment, in versions from 0.2025.08.06.08.12.stable_00 up to but not including 0.2026.05.06.15.42.stable_01. It is a command injection flaw in the prompt branch selector feature. Specifically, if a user can publish a branch to a Git repository opened in Warp, they can craft a branch name that, when selected by the victim from the UI, will be interpreted and executed by the victim's shell. This allows arbitrary command execution.

Impact Analysis

The impact of this vulnerability is severe. Because it allows command injection, an attacker who can publish a branch to a Git repository can execute arbitrary commands on the victim's system when the victim selects the malicious branch in Warp. This can lead to full compromise of confidentiality, integrity, and availability of the victim's system.
