CodeWhale — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in CodeWhale, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-45311	CodeWhale: run_tests Tool Enables RCE via Malicious Repository Without Approval CWE-94	9.6	Critical	2026-05-28
CVE-2026-45310	CodeWhale: SSRF via HTTP Redirect Bypass in fetch_url Tool CWE-918	7.4	High	2026-05-28
CVE-2026-45373	CodeWhale: SSRF‌ IPV6 bypass CWE-918	7.4	High	2026-05-28
CVE-2026-45374	CodeWhale: task_create Insecure Defaults Enable RCE via Prompt Injection in Project Files CWE-94	9.6	Critical	2026-05-28

All 4 known CVE vulnerabilities affecting CodeWhale with full Chinese analysis, references, and POCs where available.