Platform: sap
Component: srm
Fixed in: 702.0.1, 713.0.1, 714.0.1
CVE-2026-0512 is a critical vulnerability affecting the @uipath/packager-tool-bpmn package, versions 0.0.9 and earlier. This vulnerability allows for complete system compromise, potentially granting an attacker full control over the affected machine. Due to the severity, immediate action is required to mitigate the risk. The vulnerability was publicly disclosed on 2026-05-12.
The impact of CVE-2026-0512 is severe. An attacker who successfully exploits this vulnerability can gain complete control of the system where the @uipath/packager-tool-bpmn package is installed and running. This includes the ability to access and steal sensitive data, install malware, and potentially pivot to other systems on the network. The advisory explicitly states that all secrets and keys stored on the compromised machine should be rotated immediately from a different, secure computer, as the system is considered fully compromised. The malicious code may persist even after package removal, making thorough investigation and remediation essential.
This vulnerability is considered highly critical due to the potential for full system compromise. While no public proof-of-concept (PoC) has been explicitly released, the advisory indicates that the package has been identified as containing malware. The vulnerability was disclosed on 2026-05-12. Given the nature of the compromise, it is highly likely this will be added to the CISA KEV catalog soon. Active exploitation is suspected, though confirmation is pending.
Exploit Status
EPSS: 0.07% (22nd percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-0512 is to immediately remove the vulnerable @uipath/packager-tool-bpmn package from all affected systems. Due to the high severity and potential for persistent compromise, simply updating is not sufficient. After removal, it is crucial to rotate all secrets and keys stored on the affected machine from a clean, trusted system. Consider performing a full system wipe and rebuild to ensure complete eradication of any malicious components. There are no specific WAF or proxy rules that can effectively mitigate this vulnerability, as it resides within the package itself.
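As an added check (example code, not UiPath's and not from the advisory), the script below scans an npm lockfile for installs of @uipath/packager-tool-bpmn at version 0.0.9 or earlier, including transitive copies nested under other packages, which a plain `npm ls` of direct dependencies can miss. It handles both the lockfileVersion 1 `dependencies` tree and the lockfileVersion 2/3 `packages` map, and compares versions numerically rather than as strings. The lockfile contents are constructed for illustration; the 0.0.10 entry is a hypothetical version used only to exercise the comparison, since the advisory names no fixed version.

```javascript
// Added example (not UiPath's code): scan an npm lockfile for installs of
// @uipath/packager-tool-bpmn at the affected versions (<= 0.0.9 per the advisory).
// Both lockfileVersion 1 ("dependencies" tree) and 2/3 ("packages" map) are handled,
// so nested copies pulled in transitively are reported as well.
const AFFECTED_PACKAGE = "@uipath/packager-tool-bpmn";
const LAST_AFFECTED_VERSION = "0.0.9";

// Numeric dotted-version comparison; any prerelease/build suffix is ignored.
// Plain string comparison would wrongly sort "0.0.10" before "0.0.9".
function compareVersions(a, b) {
  const pa = a.split(/[-+]/)[0].split(".").map(Number);
  const pb = b.split(/[-+]/)[0].split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const x = pa[i] || 0;
    const y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

function isAffected(name, version) {
  return name === AFFECTED_PACKAGE && version !== "" &&
    compareVersions(version, LAST_AFFECTED_VERSION) <= 0;
}

// lockfileVersion 2/3: keys of "packages" are node_modules paths; the package name
// is whatever follows the last "node_modules/" (scoped names keep their "@scope/").
function scanPackagesMap(packages, hits) {
  const marker = "node_modules/";
  for (const [path, meta] of Object.entries(packages)) {
    if (path === "") continue; // the root project entry
    const name = meta.name || path.slice(path.lastIndexOf(marker) + marker.length);
    if (isAffected(name, meta.version || "")) hits.push({ path, version: meta.version });
  }
}

// lockfileVersion 1: "dependencies" is a tree; nested deps live under each entry.
function scanDependencyTree(deps, prefix, hits) {
  for (const [name, meta] of Object.entries(deps)) {
    const path = `${prefix}node_modules/${name}`;
    if (isAffected(name, meta.version || "")) hits.push({ path, version: meta.version });
    if (meta.dependencies) scanDependencyTree(meta.dependencies, `${path}/`, hits);
  }
}

// Returns every install path of the affected package at an affected version.
function findAffected(lockfile) {
  const hits = [];
  if (lockfile.packages) scanPackagesMap(lockfile.packages, hits);
  else if (lockfile.dependencies) scanDependencyTree(lockfile.dependencies, "", hits);
  return hits;
}

// Constructed sample lockfile (v3). The 0.0.10 entry is hypothetical, used only to
// exercise the numeric comparison; the advisory names no fixed version.
const SAMPLE_LOCKFILE = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app" },
    "node_modules/@uipath/packager-tool-bpmn": { version: "0.0.9" },
    "node_modules/some-lib": { version: "1.2.3" },
    "node_modules/some-lib/node_modules/@uipath/packager-tool-bpmn": { version: "0.0.3" },
    "node_modules/other-lib/node_modules/@uipath/packager-tool-bpmn": { version: "0.0.10" },
  },
};

// Constructed sample lockfile (v1) with the same package nested one level down.
const SAMPLE_LOCKFILE_V1 = {
  lockfileVersion: 1,
  dependencies: {
    "some-lib": {
      version: "1.2.3",
      dependencies: { "@uipath/packager-tool-bpmn": { version: "0.0.5" } },
    },
  },
};

for (const hit of findAffected(SAMPLE_LOCKFILE)) {
  console.log(`AFFECTED ${hit.path} @ ${hit.version} (CVE-2026-0512)`);
}
```

To run this against a real project, replace `SAMPLE_LOCKFILE` with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))`. A hit means the package was installed at an affected version, so per the advisory the host should be treated as compromised and its secrets rotated from a clean machine, not merely have the package uninstalled.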
Apply SAP security patch 3645228 to mitigate the XSS vulnerability in the SICF handler of the SRM catalog. Check the SAP documentation for detailed instructions on applying the patch and on possible service interruptions. Consult the SAP security notes for additional information and updates.
CVE-2026-0512 is a critical vulnerability in the @uipath/packager-tool-bpmn package (versions ≤0.0.9) that allows for full system compromise, potentially granting an attacker complete control over the affected machine.
If you are using @uipath/packager-tool-bpmn version 0.0.9 or earlier, you are affected by this vulnerability and must take immediate action to remove the package.
The recommended fix is to immediately remove the vulnerable package and rotate all secrets and keys stored on the affected machine. A full system wipe and rebuild is also recommended.
While no public PoC has been released, the advisory indicates the package contains malware, suggesting active exploitation is likely.
Refer to the UiPath security advisory for details and further guidance on mitigating this vulnerability.