CVE-2026-21882

8.4 HIGH
Published: March 02, 2026 Modified: March 02, 2026
View on NVD

Description

theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched in version 0.2.0.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/AsfhtgkDavid/theshit/commit/5293957b119e55212dce2c6dcbaf1d7eb794602a
Source: security-advisories@github.com
https://github.com/AsfhtgkDavid/theshit/security/advisories/GHSA-2j3p-gqw5-g59j
Source: security-advisories@github.com

2 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.4 / 10.0
EPSS (Exploit Probability)
0.0%
4th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-250 CWE-269 CWE-273

Related CVEs

CVE-2026-4514 6.3
CVE-2026-4513 6.3
CVE-2026-4511 6.3
CVE-2026-4510 4.3
CVE-2026-4373 7.5