OpenCode AI coding agent hit by critical unauthenticated RCE vulnerability 1 month ago (github.com) 2 comments AlexAltea Reply Add to library rvz 1 month ago Probably nothing. AlexAltea 1 month ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
rvz 1 month ago Probably nothing. AlexAltea 1 month ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
AlexAltea 1 month ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
Probably nothing.
Probably nothing based on what? I have reproduced the finding locally...
Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.