OpenCode AI coding agent hit by critical unauthenticated RCE vulnerability 7 days ago (github.com) 2 comments AlexAltea Reply Add to library rvz 7 days ago Probably nothing. AlexAltea 6 days ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
rvz 7 days ago Probably nothing. AlexAltea 6 days ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
AlexAltea 6 days ago Probably nothing based on what? I have reproduced the finding locally...Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.
Probably nothing.
Probably nothing based on what? I have reproduced the finding locally...
Any website can trivially run arbitrary code as the current user if OpenCode is installed; that's CVSS ~10.