Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-g76p-4vg5-f4qh | llm CLI tool contains a code injection vulnerability via `--functions` command-line argument |
Thu, 02 Jul 2026 01:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 14 May 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Python Code Injection via llm CLI --functions Argument |
Thu, 14 May 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 13 May 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Simonw
Simonw llm |
|
| Vendors & Products |
Simonw
Simonw llm |
Tue, 12 May 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Python Code Injection via llm CLI --functions Argument | |
| Weaknesses | CWE-94 |
Tue, 12 May 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function definitions. However, the tool directly executes the provided code using the unsafe exec() function without any sanitization, sandboxing, or security restrictions. An attacker can exploit this by crafting a malicious llm command with arbitrary Python code in the --functions argument and using social engineering to trick a victim into running it. This leads to arbitrary code execution on the victim's system, potentially granting the attacker full control. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-06-30T03:19:43.209Z
Reserved: 2026-03-09T00:00:00.000Z
Link: CVE-2026-31236
Updated: 2026-06-30T03:19:43.209Z
Status : Awaiting Analysis
Published: 2026-05-12T18:16:51.977
Modified: 2026-06-17T10:33:29.400
Link: CVE-2026-31236
No data.
OpenCVE Enrichment
Updated: 2026-05-14T23:00:13Z
Github GHSA