{"vulnerability": "cve-2026-45370", "sightings": [{"uuid": "9def1623-ef9c-4bfd-bd38-e99bceab0ab1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45370", "type": "seen", "source": "https://gist.github.com/alon710/b6fd947590993b5b0ed338c431321ca8", "content": "# CVE-2026-45370: CVE-2026-45370: Environment Variable Leak in python-utcp CLI Subprocesses\n\n> **CVSS Score:** 7.7\n> **Published:** 2026-05-14\n> **Full Report:** https://cvereports.com/reports/CVE-2026-45370\n\n## Summary\nThe python-utcp library improperly exposes the host application's full environment variables to spawned subprocesses via os.environ.copy(). When combined with an existing command injection flaw, attackers can exfiltrate all host secrets in a single request.\n\n## TL;DR\npython-utcp prior to version 1.1.3 improperly exposes process-level environment variables to CLI subprocesses, enabling secret exfiltration when chained with command injection vulnerabilities.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-526\n- **CVSS Score**: 7.7 (High)\n- **Attack Vector**: Network\n- **Impact**: High Confidentiality Loss\n- **Affected Component**: cli_communication_protocol.py\n- **Related CVE**: CVE-2026-45369\n\n## Affected Systems\n\n- python-utcp\n- Universal Tool Calling Protocol (UTCP) CLI applications\n- **python-utcp**: < 1.1.3 (Fixed in: `1.1.3`)\n\n## Mitigation\n\n- Upgrade the python-utcp library to version 1.1.3 or higher.\n- Override the _prepare_environment() function to return an explicit allowlist of environment variables.\n- Implement defense-in-depth by adopting short-lived, scoped credentials instead of permanent environment variables.\n- Monitor subprocess creation logs for suspicious shell commands or arguments.\n\n**Remediation Steps:**\n1. Identify all deployments utilizing the python-utcp package.\n2. Update requirements.txt or pipfile to mandate python-utcp >= 1.1.3.\n3. Restart the application to ensure the patched library is loaded into memory.\n4. If compromise is suspected, immediately rotate all secrets, API keys, and database credentials previously stored in the host environment.\n\n## References\n\n- [GitHub Advisory: GHSA-5v57-8rxj-3p2r](https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-5v57-8rxj-3p2r)\n- [GitHub Advisory: GHSA-33p6-5jxp-p3x4](https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-33p6-5jxp-p3x4)\n- [NVD Vulnerability Detail](https://nvd.nist.gov/vuln/detail/CVE-2026-45370)\n- [CVE.org Record](https://www.cve.org/CVERecord?id=CVE-2026-45370)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-45370) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-14T22:10:29.000000Z"}, {"uuid": "8a5fdf67-be87-4129-9c3d-45608acd09cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-45370", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mlu6iie6jq2e", "content": "CVE-2026-45370 - python-utcp: Full Process Environment Exposed to CLI Subprocess - Secrets Leakage via Command Injection\nCVE ID : CVE-2026-45370\n \n Published : May 14, 2026, 9:16 p.m. | 2\u00a0hours, 17\u00a0minutes ago\n \n Description : python-utcp is the python implementation of UTCP. ...", "creation_timestamp": "2026-05-15T01:27:16.409884Z"}, {"uuid": "f631397f-0b85-4c39-8466-9e9d8c48acca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-45370", "type": "published-proof-of-concept", "source": "https://github.com/universal-tool-calling-protocol/python-utcp/security/advisories/GHSA-5v57-8rxj-3p2r", "content": "", "creation_timestamp": "2026-05-10T11:59:33.000000Z"}]}