Vulnerability in BaseAI project

### Description

While working on BaseAI project, I identified a security vulnerability in the Wrangler CLI during the deployment process. The vulnerability exists in the wrangler pages deploy command and is related to improper handling of the --commit-hash parameter. This parameter is directly passed into a shell command without proper validation or sanitization, which leads to a command injection vulnerability (CWE-78).  

[CVE Report](https://vulert.com/vuln-scan/list/853399f3-04c1-4b75-a7f8-7c394cf99c03?sort_order=desc&sort_by=created_at)
[CVE Link](https://vulert.com/vuln-db/CVE-2026-0933)



### Code example

_No response_

### Additional context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability in BaseAI project #162

Description

Code example

Additional context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerability in BaseAI project #162

Description

Description

Code example

Additional context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions