CVE-2026-23654
GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability
In short
A GitHub repository called 'zero-shot-scfoundation' uses a vulnerable third-party library that allows attackers to run malicious code on affected systems remotely without needing special permissions.
Technical detail
The vulnerability stems from an insecure dependency in the zero-shot-scfoundation repository; remote attackers can exploit the flawed third-party component to achieve unauthenticated code execution via network access, with high severity impact on system confidentiality, integrity, and availability.
Summary generated and translated by AI from the official description.
Dependency on vulnerable third-party component in GitHub Repo: zero-shot-scfoundation allows an unauthorized attacker to execute code over a network.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Affected products
Microsoft · GitHub Repo: Zero Shot scFoundationWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →