CVE-2026-34430

HIGH 8.8

ByteDance DeerFlow LocalSandboxProvider Host Bash Escape

CVSS Score

8.8

EPSS Score

0.0%

EPSS Percentile

0th

ByteDance Deer-Flow versions prior to commit 92c7a20 contain a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers can exploit the incomplete shell semantics modeling to read and modify files outside the sandbox boundary and achieve arbitrary command execution through subprocess invocation with shell interpretation enabled.

CWE	CWE-184
Vendor	bytedance inc.
Product	deerflow
Published	Apr 1, 2026
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for bytedance inc. deerflow

Be the first to know when new high vulnerabilities affecting bytedance inc. deerflow are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Bytedance Inc. / DeerFlow

0 < 92c7a20cb74addc3038d2131da78f2e239ef542e

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/bytedance/deer-flow/pull/1547 github.com: https://github.com/bytedance/deer-flow/commit/92c7a20cb74addc3038d2131da78f2e239ef542e vulncheck.com: https://www.vulncheck.com/advisories/bytedance-deerflow-localsandboxprovider-host-bash-escape

Credits

Chia Min Jun Lennon