Rtk
by Rtk AI
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-54555 | 0.00 | — | 0.00 | Jun 23, 2026 | rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treats as command execution boundaries or nested execution. As a result, a command… | |||
| CVE-2026-55249 | 0.00 | — | 0.00 | Jun 23, 2026 | @rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync() template string without shell-safe… | |||
| CVE-2026-45792 | 0.00 | — | 0.00 | May 20, 2026 | RTK (Rust Token Killer) improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads `.rtk/filters.toml` from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in… |
- CVE-2026-54555Jun 23, 2026risk 0.00cvss —epss 0.00
rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treats as command execution boundaries or nested execution. As a result, a command…
- CVE-2026-55249Jun 23, 2026risk 0.00cvss —epss 0.00
@rtk-ai/rtk-rewrite transparently rewrites shell commands executed via OpenClaw's exec tool to their RTK equivalents. In 1.0.0, the @rtk-ai/rtk-rewrite OpenClaw plugin passes attacker-controlled input directly into a shell-backed execSync() template string without shell-safe…
- CVE-2026-45792May 20, 2026risk 0.00cvss —epss 0.00
RTK (Rust Token Killer) improperly trusts project-local configuration files. In versions prior to 0.32.0, RTK automatically loads `.rtk/filters.toml` from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in…