ScrapeGraphAI scrapegraph-ai GenerateCodeNode generate_code_node.py create_sandbox_and_execute os 命令注入

CVE-2026-5532 影响 ScrapeGraphAI 的版本高达 1.74.0，存在操作系统命令注入 (OS) 漏洞。此漏洞位于文件 scrapegraphai/nodes/generatecodenode.py 中的 createsandboxand_execute 函数，特别是 GenerateCodeNode 组件中。攻击者可以利用此漏洞在底层系统上执行任意命令，从而可能危及数据和资源的机密性、完整性和可用性。公开可用的漏洞利用程序加剧了情况，增加了攻击的风险。供应商未响应使得获取有关漏洞严重性和实际影响的官方信息变得困难。

Organizations utilizing ScrapeGraphAI in production environments, particularly those with internet-facing deployments, are at risk. Systems running older versions (1.0.0–1.74.0) are especially vulnerable. Environments where ScrapeGraphAI is used to process untrusted data are at higher risk.

• python / server:

import os
import subprocess

def check_scrapegraphai_vulnerability():
    try:
        # Attempt to trigger the vulnerable function with malicious input
        result = subprocess.run(['scrapegraph-ai', 'generate_code_node', '; ls -la'], capture_output=True, text=True, timeout=5)
        if 'ls -la' in result.stdout:
            print("CVE-2026-5532 detected: Command injection possible!")
        else:
            print("CVE-2026-5532 not detected.")
    except Exception as e:
        print(f"Error checking vulnerability: {e}")

check_scrapegraphai_vulnerability()

• linux / server:

ps aux | grep scrapegraph-ai | grep -q 'create_sandbox_and_execute' && echo "CVE-2026-5532 potentially present: Check for suspicious commands in scrapegraph-ai processes" || echo "CVE-2026-5532 not detected."

1. 2026-04-05Disclosure

   disclosure

2. 2026-04-05PoC

   poc

3. 2026-04-05Patch

   patch

1. 已保留2026-04-04
2. 发布日期2026-04-05
3. 修改日期2026-04-06
4. EPSS 更新日期2026-04-12

建议立即采取的缓解措施是将 ScrapeGraphAI 更新到 1.10.0 或更高版本，该版本解决了此漏洞。如果无法立即更新，请考虑实施额外的安全措施，例如仅将应用程序访问限制为授权用户、实施防火墙以控制网络流量以及监控系统活动以查找漏洞利用的迹象。此外，请审查和加强源代码以防止未来的命令注入漏洞。鉴于供应商未响应，用户必须进行自己的风险评估并为他们的环境应用最合适的安全措施。