High severity · OSV Advisory · Published Jan 12, 2026 · Updated Jan 13, 2026
OpenCode's Unauthenticated HTTP Server Allows Arbitrary Command Execution
CVE-2026-22812
Description
OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| opencode-ai | npm | < 1.0.216 | 1.0.216 |
References
- github.com/advisories/GHSA-vxw4-wv6m-9hhh (source: ghsa, type: ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2026-22812 (source: ghsa, type: ADVISORY)
- github.com/anomalyco/opencode/commit/7d2d87fa2c44e32314015980bb4e59a9386e858c (source: ghsa, type: WEB)
- github.com/anomalyco/opencode/security/advisories/GHSA-vxw4-wv6m-9hhh (source: ghsa, x_refsource_CONFIRM, type: WEB)
News mentions
- Exploits and vulnerabilities in Q1 2026 (Securelist, May 7, 2026)