VYPR
Medium severity6.6NVD Advisory· Published Apr 6, 2026· Updated Apr 16, 2026

CVE-2026-35197

CVE-2026-35197

Description

dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • dye/dye2 versions
    cpe:2.3:a:mattiebee:dye:1.1.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:mattiebee:dye:1.1.0:*:*:*:*:*:*:*
    • (no CPE)range: <1.1.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.