CVE-2026-34430

Source
https://cve.org/CVERecord?id=CVE-2026-34430
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-34430.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-34430
Published
2026-04-01T13:34:17.014Z
Modified
2026-07-08T08:13:45.174573062Z
Severity
  • 8.6 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
ByteDance DeerFlow LocalSandboxProvider Host Bash Escape
Details

ByteDance DeerFlow versions prior to commit 92c7a20 containĀ a sandbox escape vulnerability in bash tool handling that allows attackers to execute arbitrary commands on the host system by bypassing regex-based validation using shell features such as directory changes and relative paths. Attackers can exploit the incomplete shell semantics modeling to read and modify files outside the sandbox boundary and achieve arbitrary command execution through subprocess invocation with shell interpretation enabled.

Database specific
{
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "fixed": "92c7a20cb74addc3038d2131da78f2e239ef542e"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/34xxx/CVE-2026-34430.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-184"
    ]
}
References

Affected packages

Git / github.com/bytedance/deer-flow

Affected ranges

Type
GIT
Repo
https://github.com/bytedance/deer-flow
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-34430.json"