CVE-2026-48720
BaseFortify

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description
Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materializes the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.
Meta Information
Published: 2026-06-24
Last Modified: 2026-06-24
Generated: 2026-06-25
AI Q&A: 2026-06-24
EPSS Evaluated: N/A
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
warp warp From 0.2025.03.05.08.02.stable_00 (inc) to 0.2026.05.06.15.42.stable_01 (inc)
warpdotdev warp From 0.2025.03.05.08.02.stable_00 (inc) to 0.2026.05.06.15.42.stable_01 (exc)
warpdotdev warp 0.2026.05.06.15.42.stable_01
CWE
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-73 The product allows user input to control or influence paths or file names that are used in filesystem operations.
Executive Summary

This vulnerability exists in Warp, an agentic development environment, in versions from 0.2025.03.05.08.02.stable_00 up to but not including 0.2026.05.06.15.42.stable_01. Warp accepts non-inline OSC 1337;File payloads from terminal output and automatically creates the decoded payload as a local file without asking the user for confirmation.

Impact Analysis

Because Warp automatically materializes decoded payloads as local files without user confirmation, an attacker could exploit this behavior to write arbitrary files to the local system. This can lead to high impact on confidentiality, integrity, and availability of the system, as indicated by the CVSS score of 8.8 with high impact on all three aspects.

Mitigation Strategies

To mitigate this vulnerability, update Warp to version 0.2026.05.06.15.42.stable_01 or later, where the issue has been fixed.

Compliance Impact

The vulnerability allows automatic creation, truncation, or overwriting of local files without user confirmation, which can lead to unauthorized file manipulation and potential execution of malicious commands with user privileges.

Such unauthorized file operations and potential privilege misuse could result in breaches of confidentiality, integrity, and availability of data, which are critical aspects of compliance with standards like GDPR and HIPAA.

Therefore, exploitation of this vulnerability could lead to non-compliance with these regulations due to improper handling of sensitive data and insufficient user consent or control over file operations.

Detection Guidance

This vulnerability involves Warp terminal automatically writing non-inline OSC 1337;File payloads from terminal output to local files without confirmation. Detection involves monitoring for such OSC sequences in terminal output or suspicious file creation/truncation events in the active working directory of Warp.

Since the vulnerability is triggered by displaying attacker-controlled output containing non-inline iTerm file payloads, you can detect potential exploitation by searching for these OSC sequences in logs or network traffic.

  • Use tools like tcpdump or Wireshark to capture terminal output traffic and filter for OSC 1337;File sequences; this only works where the session is not encrypted, so an SSH session has to be inspected on the endpoint instead.
  • Example command to search for OSC 1337;File sequences in a captured log (the sequence begins with the ESC byte followed by `]1337;File`, so search for those bytes rather than the literal word OSC): grep -a -o $'\e]1337;File' /path/to/logfile
  • Monitor the Warp terminal's working directory for unexpected file creation or modification using commands like: inotifywait -m -e create,modify /path/to/warp/working/directory

The referenced advisory provides no specific detection commands; the commands above are generic suggestions. The recommended mitigation is to update Warp to a patched version that disables automatic local file writes from non-inline payloads.
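As an added example (not code from the advisory or from Warp itself), the scanner below walks a captured byte stream of terminal output, parses every OSC 1337 File sequence it finds, and flags the non-inline ones, i.e. those an unpatched client would write to disk. It assumes the iTerm2-documented wire format (ESC ] 1337 ; File = key=value;... : base64 data, terminated by BEL or ESC \); the sample stream, the record field names and the helper functions are this example's own, not Warp's.

```python
import base64
import binascii
import re

# Assumed wire format (iTerm2 "File" extension):
#   ESC ] 1337 ; File = name=<b64>;size=<n>;inline=<0|1> : <base64 payload> (BEL | ESC \)
OSC_FILE_RE = re.compile(
    rb"\x1b\]1337;File=(?P<params>[^:\x07\x1b]*):(?P<data>[A-Za-z0-9+/=\s]*)(?:\x07|\x1b\\)"
)


def parse_params(raw: bytes) -> dict:
    """Split 'name=...;size=...;inline=1' into a str -> str dict."""
    params = {}
    for part in raw.split(b";"):
        if not part:
            continue
        key, _, value = part.partition(b"=")
        params[key.decode("ascii", "replace")] = value.decode("ascii", "replace")
    return params


def decode_name(value: str) -> str:
    """The name parameter is base64; fall back to the raw value if it does not decode."""
    if not value:
        return ""
    try:
        return base64.b64decode(value, validate=True).decode("utf-8", "replace")
    except (binascii.Error, ValueError):
        return value


def find_file_payloads(stream: bytes) -> list:
    """Return one record per OSC 1337 File sequence present in the byte stream."""
    findings = []
    for m in OSC_FILE_RE.finditer(stream):
        params = parse_params(m.group("params"))
        name = decode_name(params.get("name", ""))
        # validate=False discards line breaks that some emitters insert into the base64 body
        payload = base64.b64decode(m.group("data"), validate=False)
        inline = params.get("inline") == "1"
        findings.append({
            "offset": m.start(),
            "name": name,
            "declared_size": params.get("size"),
            "actual_size": len(payload),
            "inline": inline,
            # Non-inline payloads are the ones an unpatched client materializes on disk
            "writes_file": not inline,
            # CWE-73 angle: a name carrying path components deserves a closer look
            "suspicious_name": ("/" in name) or ("\\" in name) or name.startswith(".."),
        })
    return findings


# Constructed sample: ordinary shell output, one inline payload (displayed only)
# and one non-inline payload (written to disk by an unpatched client).
# "cGljLnBuZw==" is base64 for "pic.png"; "bm90ZXMudHh0" is base64 for "notes.txt".
SAMPLE_STREAM = (
    b"$ cat banner.txt\r\n"
    b"\x1b]1337;File=name=cGljLnBuZw==;size=4;inline=1:iVBORw==\x07"
    b"\r\n"
    b"\x1b]1337;File=name=bm90ZXMudHh0;size=5:aGVsbG8=\x1b\\"
    b"\r\n$ "
)


def report(stream: bytes) -> int:
    """Print a line per finding and return how many would have written a file."""
    writes = 0
    for f in find_file_payloads(stream):
        verdict = "WRITES FILE" if f["writes_file"] else "inline only"
        print(f"offset={f['offset']} name={f['name']!r} size={f['actual_size']} {verdict}")
        writes += f["writes_file"]
    return writes


if __name__ == "__main__":
    report(SAMPLE_STREAM)
```

Feed `find_file_payloads` the raw bytes of a session recording (for example a `script` typescript or a terminal multiplexer log) rather than text that has already had escape sequences stripped, since the detection keys on the ESC byte.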
