32°N › Security › Findings › MSS SK 2026 0028

← all advisories

MSS-SK-2026-0028

Shell injection via notification text (festival TTS)

Summary

Shell injection via notification text (festival TTS).

Impact

see PoC script header

Evidence — code citations

research/audits/signalk/exploits/0028-signalk-notification-player-shell-injection-via-notification.py

Proof of concept

research/audits/signalk/exploits/0028-signalk-notification-player-shell-injection-via-notification.py/

0028-signalk-notification-player-shell-injection-via-notification.py — single-file

← all advisories