Skip to main content

Dye

1 CVEs product

Monthly

CVE-2026-35197 MEDIUM PATCH This Month

Arbitrary code execution in dye color library versions prior to 1.1.1 allows authenticated local users with interactive UI access to execute arbitrary code through malicious template expressions. The vulnerability stems from unsafe evaluation of template syntax and requires local file system access and user interaction. No public exploits have been identified; the vulnerability was discovered and remediated by the author.

RCE Code Injection Dye
NVD GitHub
CVSS 3.1
6.6
EPSS
0.0%
EPSS 0% CVSS 6.6
MEDIUM PATCH This Month

Arbitrary code execution in dye color library versions prior to 1.1.1 allows authenticated local users with interactive UI access to execute arbitrary code through malicious template expressions. The vulnerability stems from unsafe evaluation of template syntax and requires local file system access and user interaction. No public exploits have been identified; the vulnerability was discovered and remediated by the author.

RCE Code Injection Dye
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy