VYPR

Openhands

by Openhands

pypi: openhands

Source repositories

CVEs (1)

  • CVE-2026-33718HigMar 27, 2026
    risk 0.42cvss 7.6epss 0.02

    OpenHands is software for AI-driven development. Starting in version 1.5.0, a Command Injection vulnerability exists in the `get_git_diff()` method at `openhands/runtime/utils/git_handler.py:134`. The `path` parameter from the `/api/conversations/{conversation_id}/git/diff` API…