Vendor
HKUDS OpenHarness contains a remote code execution vulnerability (CVE-2026-7551) in the /bridge slash command, allowing remote attackers to execute arbitrary operating system commands by injecting malicious commands via the /bridge spawn command, leading to unauthorized shell access and data exposure.