CVE-2026-48731
Deferred Deferred - Pending Action

Command Injection in Warp Agentic Development Environment

Vulnerability report for CVE-2026-48731, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: GitHub, Inc.

Description

Warp is an agentic development environment. From 0.2024.02.20.08.01.stable_01 until 0.2026.05.06.15.42.stable_01, Warp contains a command injection issue in the Linux external editor launcher. Warp expanded freedesktop .desktop Exec templates for affected editor integrations and executed the expanded command through a shell. A user who opens an attacker-controlled local file path through an affected external editor or system-default editor route can cause shell syntax embedded in that path to execute as the local user. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-06-24
Generated
2026-07-15
AI Q&A
2026-06-24
EPSS Evaluated
2026-07-13
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
warp warp From 0.2024.02.20.08.01.stable_01 (inc) to 0.2026.05.06.15.42.stable_01 (inc)
warp warp 0.2026.05.06.15.42.stable_01

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-48731 is a command injection vulnerability in the Linux external editor launcher of the Warp terminal application. The vulnerability occurs because Warp expanded freedesktop .desktop Exec templates and executed the expanded command through a shell. This allowed an attacker to inject shell syntax via crafted local file paths.

Specifically, when a user opens an attacker-controlled local file path through an affected external editor or system-default editor route, the shell syntax embedded in that path can execute with the local user's permissions.

The root cause was that Warp's `EditorMetadata::build_command()` function constructed shell commands by concatenating user-controlled values like file paths into a single string passed to `sh -c`, enabling command injection through filenames containing shell metacharacters.

The vulnerability was fixed by replacing the unsafe shell invocation with direct process execution, parsing the Exec string into argument lists to prevent shell interpretation of metacharacters.

Detection Guidance

This vulnerability involves command injection through the Linux external editor launcher in Warp when opening attacker-controlled local file paths. Detection involves identifying if your Warp installation is a vulnerable version (from 0.2024.02.20.08.01.stable_01 up to but not including 0.2026.05.06.15.42.stable_01).

To detect potential exploitation attempts, monitor for suspicious shell commands or unusual process executions triggered by opening files in Warp's external editor integration.

Specific commands to check your Warp version and running processes might include:

  • Check Warp version: `warp --version` or check the installed package version.
  • Monitor running processes for suspicious commands: `ps aux | grep warp` or `ps aux | grep sh` to see if shell commands are being invoked unexpectedly.
  • Check shell command history or audit logs for unusual commands triggered by opening files in Warp.

Since the vulnerability requires user interaction to open a malicious file path, monitoring user activity related to opening files with Warp's external editor integration can help detect exploitation.

Mitigation Strategies

The primary mitigation step is to update Warp to version 0.2026.05.06.15.42.stable_01 or later, where the vulnerability has been fixed by changing how the .desktop Exec entry is parsed to avoid shell execution.

Before updating, users on affected Linux builds should reduce exposure by avoiding the use of affected external editor routes and instead open files directly within Warp without invoking the external editor launcher.

Additionally, users should be cautious about opening files from untrusted sources or attacker-controlled local file paths to prevent triggering the vulnerability.

Impact Analysis

This vulnerability can allow an attacker to execute arbitrary commands on your Linux machine with your user permissions if you open a maliciously crafted local file path through an affected external editor or system-default editor route in Warp.

Successful exploitation requires user interaction, meaning you must open the attacker-controlled file path for the attack to succeed.

The impact is high, affecting confidentiality, integrity, and availability of your system, as attackers could run commands that compromise your data or system stability.

Compliance Impact

This vulnerability allows an attacker to execute arbitrary commands on a user's Linux machine with the user's permissions by exploiting command injection through crafted local file paths. Such unauthorized command execution can lead to high impact on confidentiality, integrity, and availability of data.

Given the high impact on confidentiality and integrity, this vulnerability could potentially lead to non-compliance with standards and regulations such as GDPR and HIPAA, which require protection of sensitive data and prevention of unauthorized access or modification.

Organizations using affected versions of Warp should apply the patch promptly to mitigate risks that could result in violations of these compliance requirements.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-48731. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart