Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-45792

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-23 Jun, 2026 | 19:02
Updated At-26 Jun, 2026 | 15:18
Rejected At-
Credits

RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply regex-based modifications (e.g., strip_lines_matching) to shell command output before it is shown to the LLM, without any indication that the output has been modified. This allows attackers to selectively suppress or alter command output (including file contents, diffs, and security scan results) without detection, potentially concealing malicious code during AI-assisted development or review. This vulnerability is fixed in 0.32.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:23 Jun, 2026 | 19:02
Updated At:26 Jun, 2026 | 15:18
Rejected At:
â–¼CVE Numbering Authority (CNA)
RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply regex-based modifications (e.g., strip_lines_matching) to shell command output before it is shown to the LLM, without any indication that the output has been modified. This allows attackers to selectively suppress or alter command output (including file contents, diffs, and security scan results) without detection, potentially concealing malicious code during AI-assisted development or review. This vulnerability is fixed in 0.32.0.

Affected Products
Vendor
rtk-ai
Product
rtk
Versions
Affected
  • < 0.32.0
Problem Types
TypeCWE IDDescription
CWECWE-345CWE-345: Insufficient Verification of Data Authenticity
CWECWE-426CWE-426: Untrusted Search Path
Type: CWE
CWE ID: CWE-345
Description: CWE-345: Insufficient Verification of Data Authenticity
Type: CWE
CWE ID: CWE-426
Description: CWE-426: Untrusted Search Path
Metrics
VersionBase scoreBase severityVector
4.06.9MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/rtk-ai/rtk/security/advisories/GHSA-fvvm-949w-qj4w
x_refsource_CONFIRM
https://github.com/rtk-ai/rtk/pull/623
x_refsource_MISC
https://github.com/rtk-ai/rtk/pull/625
x_refsource_MISC
Hyperlink: https://github.com/rtk-ai/rtk/security/advisories/GHSA-fvvm-949w-qj4w
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/rtk-ai/rtk/pull/623
Resource:
x_refsource_MISC
Hyperlink: https://github.com/rtk-ai/rtk/pull/625
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/rtk-ai/rtk/pull/623
exploit
Hyperlink: https://github.com/rtk-ai/rtk/pull/623
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:23 Jun, 2026 | 20:16
Updated At:01 Jul, 2026 | 18:35

rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.32.0, RTK (Rust Token Killer) improperly trusts project-local configuration files. RTK automatically loads .rtk/filters.toml from the working directory with highest priority and without user notification. An attacker can place a malicious filter file in a repository to apply regex-based modifications (e.g., strip_lines_matching) to shell command output before it is shown to the LLM, without any indication that the output has been modified. This allows attackers to selectively suppress or alter command output (including file contents, diffs, and security scan results) without detection, potentially concealing malicious code during AI-assisted development or review. This vulnerability is fixed in 0.32.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.06.9MEDIUM
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
N/A
Type: Secondary
Version: 4.0
Base score: 6.9
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

rtk-ai
rtk-ai
>>rtk>>Versions before 0.32.0(exclusive)
cpe:2.3:a:rtk-ai:rtk:*:*:*:*:*:rust:*:*
Weaknesses
CWE IDTypeSource
CWE-345Secondarysecurity-advisories@github.com
CWE-426Secondarysecurity-advisories@github.com
CWE ID: CWE-345
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-426
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/rtk-ai/rtk/pull/623security-advisories@github.com
Issue Tracking
https://github.com/rtk-ai/rtk/pull/625security-advisories@github.com
Issue Tracking
https://github.com/rtk-ai/rtk/security/advisories/GHSA-fvvm-949w-qj4wsecurity-advisories@github.com
Patch
Vendor Advisory
https://github.com/rtk-ai/rtk/pull/623134c704f-9b21-4f2e-91b3-4a467353bcc0
Issue Tracking
Hyperlink: https://github.com/rtk-ai/rtk/pull/623
Source: security-advisories@github.com
Resource:
Issue Tracking
Hyperlink: https://github.com/rtk-ai/rtk/pull/625
Source: security-advisories@github.com
Resource:
Issue Tracking
Hyperlink: https://github.com/rtk-ai/rtk/security/advisories/GHSA-fvvm-949w-qj4w
Source: security-advisories@github.com
Resource:
Patch
Vendor Advisory
Hyperlink: https://github.com/rtk-ai/rtk/pull/623
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Issue Tracking

Change History

0
Information is not available yet

Similar CVEs

4Records found

CVE-2022-46692
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.20% / 9.69%
||
7 Day CHG~0.00%
Published-15 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, iCloud for Windows 14.1, iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may bypass Same Origin Policy.

Action-Not Available
Vendor-Apple Inc.
Product-ipadostvossafariicloudwatchosmacosiphone_osiCloud for WindowswatchOStvOS
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2020-9885
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.44% / 35.31%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 16:36
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A user that is removed from an iMessage group could rejoin the group.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_oswatchostvosipadosmac_os_xtvOSmacOSwatchOSiOS
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-12804
Matching Score-4
Assigner-KrCERT/CC
ShareView Details
Matching Score-4
Assigner-KrCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.77%
||
7 Day CHG~0.00%
Published-10 Jul, 2019 | 19:38
Updated-04 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hunesion i-oneNet Missing Support for Integrity Check vulnerability

In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to the lack of update file integrity checking in the upgrade process, an attacker can craft malicious file and use it as an update.

Action-Not Available
Vendor-hunesionHunesion
Product-i-oneneti-oneNet
CWE ID-CWE-353
Missing Support for Integrity Check
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2022-2789
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-4.7||MEDIUM
EPSS-0.12% / 1.95%
||
7 Day CHG~0.00%
Published-19 Aug, 2022 | 22:32
Updated-16 Apr, 2025 | 16:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-345 Insufficient Verification of Data Authenticity, and can display logic that is different than the compiled logic.

Action-Not Available
Vendor-emersonEmerson Electric
Product-electric\'s_proficyProficy Machine Edition
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
Details not found