VYPR
Vendor

Openhands

Products
1
CVEs
1
Across products
1
Status
Private

Products

1

Recent CVEs

1
  • CVE-2026-33718HigMar 27, 2026
    risk 0.42cvss 7.6epss 0.02

    OpenHands is software for AI-driven development. Starting in version 1.5.0, a Command Injection vulnerability exists in the `get_git_diff()` method at `openhands/runtime/utils/git_handler.py:134`. The `path` parameter from the `/api/conversations/{conversation_id}/git/diff` API…