Arbitrary Command Execution Vulnerability in OpenHuman Desktop Agent
CVE-2026-55743

9.4CRITICAL

Key Information:

Vendor

Tinyhumansai

Status
Openhuman
Vendor
CVE Published:
17 June 2026

What is CVE-2026-55743?

The OpenHuman desktop agent features a security policy that includes a shell tool command allowlist. Vulnerabilities in versions up to 0.54.0 could allow an attacker to bypass this policy and execute arbitrary operating system commands with user privileges. This exploitation can occur through indirect prompt injection originating from a malicious document or webpage that instructs the agent to execute a seemingly benign command. Specific flaws in the agent's handling of command arguments enable the execution of alternative find flags and bypass checks filtering environment variable assignments. Users are advised to update to the latest version, where these vulnerabilities have been addressed, ensuring protection against unauthorized command execution and potential data exfiltration.

Affected Version(s)

OpenHuman macOS 0 <= 0.54.0

References

https://github.com/tinyhumansai/openhuman/commit/60050aa0...
patch
https://github.com/tinyhumansai/openhuman/blob/v0.53.49-s...
technical-description
https://github.com/tinyhumansai/openhuman
product

CVSS V4

Score:
9.4
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Bobur Abdugafforov
Zikrillayev Salohiddin
.