Platform: python
Component: astrbot
Fixed in: 4.22.1, 4.22.2
CVE-2026-6118 is a command injection vulnerability affecting AstrBot versions 4.22.0 through 4.22.1. This flaw allows attackers to inject and execute arbitrary commands on the server, potentially leading to unauthorized access and system compromise. The vulnerability resides within the addmcpserver function of the astrbot/dashboard/routes/tools.py file. While a fix has not yet been released by the vendor, mitigation strategies are available.
Successful exploitation of CVE-2026-6118 allows an attacker to execute arbitrary commands on the server hosting AstrBot. This could lead to a complete system takeover, enabling the attacker to steal sensitive data, install malware, or disrupt services. The remote nature of the vulnerability significantly broadens the attack surface, as it can be exploited from anywhere with network access to the affected system. The ability to inject commands directly bypasses standard security controls, making it a particularly dangerous vulnerability. The lack of vendor response increases the risk of exploitation.
CVE-2026-6118 has been publicly disclosed, increasing the likelihood of exploitation. The vulnerability is considered potentially exploitable, and the lack of a vendor response raises concerns about the timeliness of a fix. No known active campaigns have been reported at this time, but the public disclosure makes it a prime target for opportunistic attackers. The vulnerability was reported to the project early, but no response has been received, which is a concerning indicator.
Exploit Status
EPSS: 4.42% (89th percentile)
Due to the absence of a vendor-supplied patch, immediate mitigation is crucial. Implement strict input validation on all user-supplied data passed to the addmcpserver function. Consider using a Web Application Firewall (WAF) with command injection rules to filter malicious input. Restrict network access to the AstrBot dashboard to only authorized personnel. Monitor system logs for suspicious command execution patterns. While not a complete solution, these measures can significantly reduce the risk of exploitation until a patch is available. After implementing these mitigations, verify their effectiveness by attempting to trigger the vulnerability with carefully crafted input and confirming that the commands are properly sanitized.
Update AstrBot to a patched version. The vendor has not responded, so it is recommended to monitor the situation and apply the update as soon as it is available. Consult the official AstrBot documentation for upgrade instructions.
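As an added example of the strict input validation the mitigation section calls for (this is not AstrBot's code, and the page says nothing about addmcpserver beyond its location), the handler below assumes the route receives a JSON spec with name, command and args fields and starts the MCP server as a subprocess. The hardened path never hands user text to a shell; the allowlist and metacharacter checks are defence in depth.

```python
"""Hardened validation for an MCP-server registration request.

Added example, not AstrBot's code. The field names (name, command, args)
and the set of allowed launchers are assumptions, not taken from the page.
"""
import re
import subprocess
from typing import Any

# Assumption: only a fixed set of launchers may be used to start an MCP server.
ALLOWED_COMMANDS = {"npx", "uvx", "python3"}
NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")
# Characters that only carry meaning for a shell; a bare argv token for the
# launchers above never needs them, so their presence is grounds to reject.
SHELL_META = frozenset(";&|`$<>(){}\n\r")


class InvalidServerSpec(ValueError):
    """Raised when a registration request fails validation."""


def validate_mcp_server(spec: dict[str, Any]) -> list[str]:
    """Return a validated argv list for the server, or raise InvalidServerSpec."""
    name = spec.get("name", "")
    if not isinstance(name, str) or not NAME_RE.fullmatch(name):
        raise InvalidServerSpec("bad server name")
    command = spec.get("command", "")
    if command not in ALLOWED_COMMANDS:
        raise InvalidServerSpec(f"command not allowed: {command!r}")
    args = spec.get("args", [])
    if not isinstance(args, list) or not all(isinstance(a, str) for a in args):
        raise InvalidServerSpec("args must be a list of strings")
    for a in args:
        if len(a) > 256 or any(c in SHELL_META for c in a):
            raise InvalidServerSpec(f"rejected argument: {a!r}")
    return [command, *args]


def launch_mcp_server(spec: dict[str, Any]) -> subprocess.Popen:
    """Validate the spec and start the process without a shell.

    The injection-prone pattern this replaces is building one string and
    calling Popen(cmd, shell=True); with shell=False every argv token goes
    straight to execve, so user input is never parsed as shell syntax.
    """
    argv = validate_mcp_server(spec)
    return subprocess.Popen(argv, shell=False)
```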
CVE-2026-6118 is a command injection vulnerability affecting AstrBot versions 4.22.0–4.22.1, allowing attackers to execute arbitrary commands on the server.
You are affected if you are running AstrBot versions 4.22.0 or 4.22.1 and have not implemented mitigating controls.
A vendor patch is not yet available. Implement input validation, WAF rules, and restrict network access as temporary mitigations.
While no active campaigns are confirmed, the vulnerability is publicly disclosed and potentially exploitable.
Check the AstrBot project's website and GitHub repository for updates and advisories related to CVE-2026-6118.