CVE-2026-56696
Received - Intake
OpenHarness Slash Commands Markdown Injection

Publication date: 2026-06-23

Last updated on: 2026-06-23

Assigner: VulnCheck

Description
OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/pr_comments.md files, which are subsequently injected into runtime system prompts, persistently influencing local agent behavior.
Meta Information
Published: 2026-06-23
Last Modified: 2026-06-23
Generated: 2026-06-23
AI Q&A: 2026-06-23
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: hkuds
Product: openharness
Version / Range: to 0.1.9 (exclusive)
CWE ID: CWE-862
Description: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
Executive Summary

The vulnerability CVE-2026-56696 in OpenHarness involves the /issue and /pr_comments slash commands lacking proper protection to prevent remote invocation.

Because of this, remote attackers who are admitted channel senders can inject attacker-controlled Markdown content into project context files named .openharness/issue.md and .openharness/pr_comments.md.

These files are later injected into runtime system prompts, which means the malicious content persistently influences the behavior of local agents running on the system.

Impact Analysis

This vulnerability allows remote attackers to persistently inject malicious Markdown content into project context files that are used in runtime system prompts.

As a result, the local agent's behavior can be influenced or manipulated by the attacker-controlled content, potentially causing unexpected or harmful actions.

The impact is rated as medium severity with a CVSS score around 5.3, indicating a moderate risk.

Detection Guidance

This vulnerability involves unauthorized remote injection of Markdown content into the .openharness/issue.md and .openharness/pr_comments.md files via the /issue and /pr_comments slash commands.

To detect exploitation attempts on your system, you can monitor changes to these specific files for unexpected or suspicious content.

Suggested commands to check for suspicious modifications include:

  • Use file integrity monitoring tools or commands like `git diff` if your project is under version control to detect unexpected changes in `.openharness/issue.md` and `.openharness/pr_comments.md`.
  • Use `grep` to search for suspicious Markdown or attacker-controlled content in these files, for example: `grep -iE "<script|alert|malicious_keyword" .openharness/issue.md .openharness/pr_comments.md`. The pattern list is a placeholder; replace it with strings that would be out of place in your own issue and PR comment context.
  • Check system logs or application logs for remote invocations of the /issue or /pr_comments commands if logging is enabled.

Mitigation Strategies

The primary mitigation is to apply the patch that marks the /issue and /pr_comments slash commands as local-only by default, preventing remote invocation.

This patch sets the attribute `remote_invocable=False` for these commands, restricting their use to the local OpenHarness UI only.

Additionally, ensure that remote administration is only enabled explicitly and cautiously via the `remote_admin_opt_in=True` setting.

If patching immediately is not possible, restrict network access to trusted users and monitor the affected files for unauthorized changes.

Review and update your security policies to prevent untrusted remote users from sending commands that can modify project context files.
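
The authorization check that the patch introduces, sketched as an added example (this is not OpenHarness code): a minimal command registry in which `remote_invocable` gates dispatch for remote senders. The registry, dispatcher and handler names and the permissive default are assumptions; only `remote_invocable=False` and the two `.openharness/` file names come from this advisory.

```python
# Added illustration, not OpenHarness source. Only remote_invocable and the
# .openharness/ file names come from the advisory; other names are hypothetical.
import tempfile
from dataclasses import dataclass
from pathlib import Path
from typing import Callable


@dataclass(frozen=True)
class SlashCommand:
    handler: Callable[[Path, str], str]
    remote_invocable: bool = True  # assumed permissive default: the CWE-862 gap


def write_context(filename: str) -> Callable[[Path, str], str]:
    """Build a handler that stores Markdown where later prompts will read it."""
    def handler(project: Path, markdown: str) -> str:
        target = project / ".openharness" / filename
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(markdown, encoding="utf-8")
        return f"wrote {target.name}"
    return handler


def build_registry(patched: bool) -> dict[str, SlashCommand]:
    """Unpatched registrations omit the flag; patched ones set it to False."""
    flags = {"remote_invocable": False} if patched else {}
    return {
        "/issue": SlashCommand(write_context("issue.md"), **flags),
        "/pr_comments": SlashCommand(write_context("pr_comments.md"), **flags),
    }


def dispatch(registry, project: Path, line: str, *, remote: bool) -> str:
    """Authorize before executing: remote senders get remote-invocable commands only."""
    name, _, argument = line.partition(" ")
    command = registry.get(name)
    if command is None:
        return "unknown command"
    if remote and not command.remote_invocable:
        return "denied: local-only command"
    return command.handler(project, argument)


def demo(patched: bool, remote: bool) -> tuple[str, bool]:
    """Send one constructed message; return (reply, whether issue.md was written)."""
    with tempfile.TemporaryDirectory() as tmp:
        reply = dispatch(build_registry(patched), Path(tmp), "/issue sample text", remote=remote)
        return reply, (Path(tmp) / ".openharness" / "issue.md").exists()
```

With the flag omitted, a remote sender's message reaches the file-writing handler; with `remote_invocable=False` the same message is refused before any write, while local use is unaffected.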

Compliance Impact

The provided context and resources do not include any information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
