CVE-2026-31226

CRITICAL

TinyZero thru 6652a63 - Command Injection

Title source: llm

Description

The TinyZero project thru commit 6652a63c57fa7e5ccde3fc9c598c7176ff15b839 (2025-58-24) contains a critical command injection vulnerability (CWE-78) in its HDFS file operation utilities. The vulnerability arises from the unsafe construction and execution of shell commands via os.system() without proper input sanitization or escaping. User-controlled input (such as file paths) is directly interpolated into shell command strings using f-strings within the _copy() function. An attacker can inject arbitrary OS commands by supplying a specially crafted path parameter through the Hydra configuration framework. This leads to remote code execution with the privileges of the user running the TinyZero training process.

References (2)

Core 2

Core References

https://github.com/Jiayi-Pan/TinyZero

View Writeup ZIP pw:eip

https://www.notion.so/CVE-2026-31226-35d1e139318881d19af5d63095c74579

Scores

CVSS v3 9.8

EPSS 0.0116

EPSS Percentile 62.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Published May 12, 2026

Tracked Since May 12, 2026