CVE Catalog

CVE-2026-56696

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Summary

The /issue and /pr_comments slash commands in OpenHarness lack remote_invocable=False protection, allowing remote senders to inject attacker-controlled Markdown into project context files.

Risk Assessment

Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/pr_comments.md files, which can persistently influence local agent behavior.

Recommendation

It is recommended to implement appropriate safeguards to prevent remote users from injecting content into project context files.

Original NVD description (English source)

OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted remote attackers can inject malicious content into .openharness/issue.md and .openharness/pr_comments.md files, which are subsequently injected into runtime system prompts, persistently influencing local agent behavior.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS