CVE-2026-2256

MEDIUM 6.5

Command injection vulnerability in ModelScope's ms-agent

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

Vendor	modelscope
Product	ms-agent
Published	Mar 2, 2026
Last Updated	Mar 3, 2026

Stay Ahead of the Next One

Get instant alerts for modelscope ms-agent

Be the first to know when new medium vulnerabilities affecting modelscope ms-agent are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

ModelScope / ms-agent

0 ≤ v1.6.0rc1

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/modelscope/ms-agent hiddenlayer.com: https://www.hiddenlayer.com/research/indirect-prompt-injection-of-claude-computer-use medium.com: https://medium.com/@itamar.yochpaz/cve-2026-2256-from-ai-prompt-to-full-system-compromise-a4114c718326 github.com: https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC kb.cert.org: https://www.kb.cert.org/vuls/id/431821