{"uuid": "23d12cc0-adfa-480d-ac1d-e0e8ff1d1588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9277", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmhhsrhmds2o", "content": "CVE-2026-9277 - shell-quote `quote()` does not validate object-token shapes, allowing command injection via line terminators in `.op`\nCVE ID : CVE-2026-9277\n \n Published : May 22, 2026, 1:22 p.m. | 3\u00a0hours, 37\u00a0minutes ago\n \n Description : shell-quote's `quote()` function did n...", "creation_timestamp": "2026-05-22T17:34:40.998843Z"}