CVE-2026-55249 | rtk-ai rtk 1.0.0 Template String execSync os command injection (GHSA-fqgj-m2gp-mr3q)
A vulnerability, which was classified as critical, was found in rtk-ai rtk 1.0.0. The affected element is the function execSync of the component Template String Handler. Executing a manipulation can lead to os command injection.
This vulnerability is registered as CVE-2026-55249. It is possible to launch the attack remotely. No exploit is available.