CVE-2026-48720 - Vulnerability Details - OpenCVE

Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Warpdotdev	Warp

No data.

No data.

References

Link	Providers
https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa
https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq

History

Fri, 26 Jun 2026 10:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Warpdotdev Warpdotdev warp
Vendors & Products		Warpdotdev Warpdotdev warp

Thu, 25 Jun 2026 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 24 Jun 2026 18:00:00 +0000

Type	Values Removed	Values Added
Description		Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01.
Title		Warp: SSH remote output can lead to local file overwrite and persistence
Weaknesses		CWE-20 CWE-73
References		https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-06-24T17:32:50.763Z

Updated: 2026-06-25T19:56:08.070Z

Reserved: 2026-05-22T18:47:27.756Z

Link: CVE-2026-48720

Vulnrichment

Updated: 2026-06-25T19:56:05.370Z

NVD

No data.

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-48720", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-05-22T18:47:27.756Z", "datePublished": "2026-06-24T17:32:50.763Z", "dateUpdated": "2026-06-25T19:56:08.070Z"}, "containers": {"cna": {"title": "Warp: SSH remote output can lead to local file overwrite and persistence", "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "lang": "en", "description": "CWE-20: Improper Input Validation", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-73", "lang": "en", "description": "CWE-73: External Control of File Name or Path", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq"}, {"name": "https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa", "tags": ["x_refsource_MISC"], "url": "https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa"}], "affected": [{"vendor": "warpdotdev", "product": "warp", "versions": [{"version": ">= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-06-24T17:32:50.763Z"}, "descriptions": [{"lang": "en", "value": "Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01."}], "source": {"advisory": "GHSA-5h96-jrrq-6hxq", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-25T19:56:00.076148Z", "id": "CVE-2026-48720", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T19:56:08.070Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-48720", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-25T19:56:00.076148Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-25T19:56:05.370Z"}}], "cna": {"title": "Warp: SSH remote output can lead to local file overwrite and persistence", "source": {"advisory": "GHSA-5h96-jrrq-6hxq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "warpdotdev", "product": "warp", "versions": [{"status": "affected", "version": ">= 0.2025.03.05.08.02.stable_00, < 0.2026.05.13.09.15.stable_01"}]}], "references": [{"url": "https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq", "name": "https://github.com/warpdotdev/warp/security/advisories/GHSA-5h96-jrrq-6hxq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa", "name": "https://github.com/warpdotdev/warp/commit/f3b9ce1c8fd13d037526c447418d809087722daa", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize the decoded payload as a local file without an additional confirmation step. This vulnerability is fixed in 0.2026.05.06.15.42.stable_01."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-06-24T17:32:50.763Z"}}}, "cveMetadata": {"cveId": "CVE-2026-48720", "state": "PUBLISHED", "dateUpdated": "2026-06-25T19:56:08.070Z", "dateReserved": "2026-05-22T18:47:27.756Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-06-24T17:32:50.763Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}