External risk intelligence

CodeWhale Allows Arbitrary Code Execution From Malicious Repositories.

CVE advisory

Severity: CRITICAL (CVSS 9.6)

CVE-2026-45311

A flaw in a coding agent allows malicious code execution from unapproved repositories, potentially leading to credential theft or system compromise. The risk stems from automatic test execution without user consent, impacting organizational security and data integrity.

1 Halo Surface Signal

Code Injection

External exposure likelihood


The tool is a local terminal-based coding agent used by developers within their own workspace. It is designed for executing code locally and is not intended to be exposed to the public internet or function as a network service.

Horizon Alert

Summary of the vulnerability and why it matters

CodeWhale, a coding agent for terminals, contains a weakness in its test execution feature. This flaw allows arbitrary code execution within a malicious repository without user approval, potentially leading to credential exfiltration or the establishment of system persistence. The feature's design unintentionally creates an inconsistent security boundary, amplifying the risk when combined with other system configurations.

  • Vulnerable: CodeWhale's test execution tool
  • Core weakness: Auto-approves arbitrary code execution
  • Main impact: Compromised credentials and system persistence

Attack Path

How an attacker could exploit the issue

Attackers can exploit a vulnerability in the CodeWhale tool by luring users to a malicious repository. This repository can contain test code designed to execute arbitrary shell commands when the tool automatically runs tests without user approval. Successful exploitation could allow an attacker to exfiltrate credentials or establish persistence on the affected system.

  • Exposure condition: Malicious repository shared with users.
  • Attacker starting point: User opens malicious repository.
  • Trigger and result: Auto-run tests execute commands.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could allow malicious actors to execute arbitrary code on affected systems, leading to data exfiltration or the establishment of persistent access. The risk is amplified by features that can automatically trigger test execution at session start. Exploitation does not require user approval for the malicious code to run, which presents a significant security concern.

  • Attackers with any skill level.
  • Malicious repository access required.
  • High business risk or urgency.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

This vulnerability allows for the execution of arbitrary code when a user interacts with a malicious repository. Attackers could potentially exfiltrate credentials or establish persistence on affected systems without requiring user approval. This poses a significant business risk by potentially compromising sensitive data and system integrity.

  • Identify systems running the affected code.
  • Restrict access to untrusted repositories.
  • Update to the corrected version and verify.

Frequently asked questions

What is CodeWhale and what is it used for?

CodeWhale is a terminal-based coding agent that uses DeepSeek and MiMo models. It's designed to help developers by executing code, including running tests, directly within their workspace.

What is the weakness class for CVE-2026-45311 in CodeWhale?

CVE-2026-45311 is mapped to CWE-94, Improper Control of Generation of Code ('Code Injection'). This means that CodeWhale improperly handles the execution of scripts, leading to unintended code running.

How can an attacker exploit CodeWhale's vulnerability?

An attacker could exploit this by creating a malicious repository containing test code. When a user opens this repository, CodeWhale's test execution tool can be triggered automatically, running the malicious code without needing any explicit approval from the user.

Who should be concerned about this vulnerability?

Anyone running CodeWhale, especially developers who might encounter or inadvertently open repositories with malicious code, should be concerned. The Halo Surface Signal indicates this vulnerability is external, meaning it can be accessed via the network, although its practical use is limited to local terminal environments.

What is the first step to respond to this CVE?

The immediate first step is to identify all systems running the affected versions of CodeWhale. Additionally, it's crucial to restrict access to untrusted repositories to prevent the vulnerability from being triggered.
