← Back

CVE-2026-35197

nvd nist
Published: Apr 6, 2026Modified: Jun 17, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1.

Affected (1)

Products: Mattiebee: Dye
1 product
Dye
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Version 1.1.0

References (2)

Source: security-advisories@github.com
Vendor Advisory
Source: security-advisories@github.com
ExploitVendor Advisory

Timeline

No history available yet.