VYPR

Codexbar

by CodexBar

Source repositories

CVEs (4)

  • CVE-2026-49135HigJun 1, 2026
    risk 0.39cvss 7.1epss 0.00

    CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the…

  • CVE-2026-49134HigJun 1, 2026
    risk 0.39cvss 7.1epss 0.00

    CodexBar prior to 0.32.0 contains a privilege escalation vulnerability in the CLI installer that allows local attackers to execute arbitrary commands as root by exploiting a race condition in temporary file handling. The installer creates a temporary file with mktemp, writes a…

  • CVE-2026-43625MedJun 1, 2026
    risk 0.31cvss 5.9epss 0.00

    CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network…

  • CVE-2026-49949MedJun 11, 2026
    risk 0.27cvss 5.3epss 0.00

    CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed…