CVE-2026-44972 PUBLISHED

GuardDog: Unsanitized human-readable scan output allows terminal escape injection from malicious package content

Assigner: GitHub_M
Reserved: 08.05.2026 Published: 27.05.2026 Updated: 27.05.2026

GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 to 2.9.0, GuardDog includes attacker-controlled filenames, file locations, messages, and code snippets in its default human-readable output without escaping terminal control characters. A malicious package can therefore inject ANSI or OSC escape sequences into analyst terminals or CI logs.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Score: 5

Attack Vector	Local	Scope	Changed
Attack Complexity	Low	Confidentiality Impact	Low
Privileges Required	None	Integrity Impact	Low
User Interaction	Required	Availability Impact	None

CVSS 3.1

Product Status

Vendor	DataDog
Product	guarddog
Versions	Version >= 2.6.0, <= 2.9.0 is affected

References

https://github.com/DataDog/guarddog/security/advisories/GHSA-m5p4-gvpx-4mvr

Problem Types

CWE-116: Improper Encoding or Escaping of Output CWE