CVE-2026-33646
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk48th percentile — higher than 48% of all known CVEs
Summary
The mise tool prior to version 2026.3.10 processes .tool-versions files through the Tera template engine with the exec() function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not subject to trust verification in non-paranoid mode, allowing an attacker to place a malicious file in a git repository and execute commands without a trust prompt.
Risk Assessment
The risk is that a victim with mise activated, upon entering a directory with a git repository containing a malicious .tool-versions file, may unknowingly execute arbitrary commands, leading to system compromise or data theft.
Recommendation
Immediately update mise to version 2026.3.10 or later. Additionally, consider enabling paranoid mode for all configuration files to enforce trust verification.
Original NVD description (English source)
mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.3.10, mise processes .tool-versions files through the Tera template engine during parsing, with the exec() function registered, enabling arbitrary command execution. Unlike .mise.toml files, .tool-versions files are not subject to trust verification in non-paranoid mode. This means an attacker can place a malicious .tool-versions file in a git repository, and when a victim with mise activated cds into the directory, arbitrary commands execute without any trust prompt. This vulnerability is fixed in 2026.3.10.

