CNNVD-202601-5061 Information
CNNVD ID
CNNVD-202601-5061
Related CVE
- CNNVD Published: 2026-01-30
Description (Chinese)
PsySH是Justin Hileman个人开发者的一个运行时控制台。 PsySH 0.11.23之前版本和0.12.19之前版本存在代码问题漏洞,该漏洞源于自动从当前工作目录加载.psysh.php文件,可能导致任意代码执行和权限提升。
Description (English)
PsySH is a running time console for Justin Hileman ’ s personal developer. There is a code problem gap in the pre-PsySH 0.11.23 and pre-0.12.19 versions, which results from the automatic loading of the .psysh.php file from the current work directory, which may result in any code execution and increase in privileges.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2026-01-30
Last Modified
2026-02-24
References
https://github.com/bobthecow/psysh/releases/tag/v0.11.23 https://github.com/bobthecow/psysh/releases/tag/v0.12.19 https://github.com/bobthecow/psysh/security/advisories/GHSA-4486-gxhx-5mg7 https://access.redhat.com/security/cve/cve-2026-25129
Patch
https://github.com/bobthecow/psysh/releases
Share on: