PYSEC-2026-2506

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/guarddog/PYSEC-2026-2506.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-2506
Aliases
Published
2026-07-13T15:15:44.270436Z
Modified
2026-07-13T16:31:56.153094929Z
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
GuardDog: Unsanitized human-readable scan output allows terminal escape injection from malicious package content
Details

Summary

GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject ANSI or OSC escape sequences into analyst terminals or CI logs.

Description

The finding formatter stores file paths and snippets from scanned content:

location = file_path + ":" + str(start_line)
finding = {
    "location": location,
    "code": code,
    "message": result["extra"]["message"],
}

The human-readable reporter later prints these values directly:

"  * " + finding["message"] + " at " + finding["location"] + "\n    " + _format_code_line_for_output(finding["code"])

No escaping is applied for control characters such as \x1b. A malicious package can therefore ship a filename like:

evil\x1b[2J.py

or matched source lines containing terminal escapes, which survive into the final CLI output.

Reproduction summary

  1. Create a file whose name contains \x1b[2J.
  2. Feed a semgrep-style result referencing that file into Analyzer._format_semgrep_response().
  3. Render the result with HumanReadableReporter.print_scan_results().
  4. The output string contains the raw escape bytes, which a terminal may interpret.

Key code paths

  • guarddog/analyzer/analyzer.py:377-392
  • guarddog/reporters/human_readable.py:36-42
  • guarddog/reporters/human_readable.py:84-91

Practical impact

This can be used to: - clear or rewrite analyst terminal output - inject misleading or spoofed log content in CI - emit clickable OSC 8 hyperlinks or title changes in compatible terminals

Prior public disclosure check

As of 2026-03-18, no matching public GitHub advisory, CVE, or public repo issue was found for this specific bug.

Suggested fix

Escape or strip terminal control characters before rendering any attacker-controlled value in human-readable output. This should cover package names, file paths, messages, and code snippets.

References

Affected packages

PyPI / guarddog

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.0
Last affected
2.9.0

Affected versions

2.*
2.6.0
2.7.0
2.7.1
2.8.4
2.9.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/guarddog/PYSEC-2026-2506.yaml"