CVE-2026-34116: Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe.php
Guardian language-system passes the id GET parameter directly into a PHP exec() call in transcribe.php (line 15) without sanitization: exec("php jobs/transcribe.php ".$login_session." ".$_GET['id']." ..."). No authentication is required. An unauthenticated remote attacker can append shell metacharacters (for example ; or |) to the id value to execute arbitrary OS commands on the server with the privileges of the web server process.
Metrics
- CVSS v4.0: 9.3
- Severity: CRITICAL
- Fixed in: — (no upstream fix published)
- Affected Products: 1
HarborGuard Analysis
Synopsis
OS command injection in Guardian language-system allows an unauthenticated remote attacker to execute arbitrary operating system commands on the server. The vulnerable code in transcribe.php passes a user-supplied GET parameter directly into a PHP exec() call with no sanitization and no login check, meaning any HTTP request to the endpoint is sufficient to trigger it. Successful exploitation gives an attacker full code execution on the underlying host, enabling data theft, data modification, and service disruption. No upstream fix has been published; HarborGuard tracks the advisory and will make a patched rebuild available the moment one is released.
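The following is an added example, not code from Guardian language-system or HarborGuard. It rebuilds the exec() pattern the advisory describes (raw $_GET['id'] concatenated into a shell string) next to a hardened handler that allow-lists the id, wraps every argument in escapeshellarg(), and refuses requests without a session, since the advisory notes the endpoint has no login check. The function names, the assumed job-id format, and the 401/400 status codes are illustrative assumptions; nothing is actually executed, the built command string is only returned for inspection.

```php
<?php
// Added example (not Guardian language-system code): the exec() pattern the
// advisory describes, rebuilt beside a hardened form. $loginSession, the
// job-id format and the 401/400 handling are assumptions for illustration.
declare(strict_types=1);

// Vulnerable shape: the raw GET parameter is concatenated into a shell string.
// Anything after a ';' or '|' in $id is parsed by the shell as a second command.
function buildVulnerableCommand(string $loginSession, string $id): string
{
    return "php jobs/transcribe.php " . $loginSession . " " . $id;
}

// Hardened step 1: accept only ids matching a strict allow-list pattern
// (assumed format: 1-32 characters from [A-Za-z0-9_-]); everything else is rejected.
function validateJobId(string $id): ?string
{
    return preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $id) === 1 ? $id : null;
}

// Hardened step 2: validated id plus escapeshellarg() on every argument, so the
// shell sees each value as one quoted word even if validation is loosened later.
function buildHardenedCommand(string $loginSession, string $id): ?string
{
    $safeId = validateJobId($id);
    if ($safeId === null) {
        return null;
    }
    return 'php jobs/transcribe.php ' . escapeshellarg($loginSession)
        . ' ' . escapeshellarg($safeId);
}

// Hardened step 3: require an authenticated session before anything is built
// or run. Returns [HTTP status, command string or null]; exec() is not called.
function handleTranscribeRequest(?string $loginSession, array $get): array
{
    if ($loginSession === null) {
        return [401, null];
    }
    $cmd = buildHardenedCommand($loginSession, (string)($get['id'] ?? ''));
    if ($cmd === null) {
        return [400, null];
    }
    // In the real handler this is where exec($cmd, $output, $exitCode) would go.
    return [200, $cmd];
}

// Constructed payload of the kind the advisory describes (not a captured exploit).
$payload = '42; id > /tmp/pwned';

echo "vulnerable: " . buildVulnerableCommand('sess123', $payload) . PHP_EOL;

[$status, $cmd] = handleTranscribeRequest(null, ['id' => '42']);
echo "no session: HTTP $status" . PHP_EOL;

[$status, $cmd] = handleTranscribeRequest('sess123', ['id' => $payload]);
echo "payload:    HTTP $status" . PHP_EOL;

[$status, $cmd] = handleTranscribeRequest('sess123', ['id' => '42']);
echo "valid id:   HTTP $status, $cmd" . PHP_EOL;
```

Run it with `php example.php` (PHP 7.1 or later for the array destructuring). The vulnerable line shows the payload's `; id > /tmp/pwned` surviving into the shell string unchanged; the hardened handler rejects it before any command is built. Validation comes first and quoting second on purpose: escapeshellarg() alone stops the shell from splitting the value, but an allow-list also keeps unexpected values from reaching jobs/transcribe.php at all.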
HarborGuard Coverage
- Detection: Available
Detection for CVE-2026-34116 is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including custom-built images that bundle Guardian language-system at or before commit e42c395ec4b03fe62973a669c9209a673838b8a4.
- Prioritization: Available
HarborGuard surfaces this CVE with its CVSS v4.0 score of 9.3 (Critical) and weights it against each environment's compliance policy to determine priority routing. Findings are directed to the appropriate team inbox within each customer organization based on configured ownership rules.
- Remediation: Pending upstream
Because no fix version has been published upstream, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment the upstream maintainer ships a corrected release. For customers who opt into auto-remediation, the rebuild, regression-test run, and PR against affected workloads will be triggered without manual intervention once a fix is available.
Exploit Conditions
- Network reachability: Required
  The attacker must reach the transcribe.php endpoint over the network; any host with HTTP access to the server qualifies.
- Authentication: Not required
  No credentials or session token are needed; the vulnerable endpoint accepts unauthenticated requests.
- Victim interaction: Not required
  Exploitation requires no action from a logged-in user or administrator; the attacker acts entirely on their own.
- Attack complexity: Low (AC:L)
  The exploit is reliable and condition-free: appending shell metacharacters to the id GET parameter is sufficient, with no race conditions or environmental prerequisites.
Blast Radius
- Reads any file readable by the web server process, including application secrets, credentials, and stored user data.
- Writes or modifies files on the server, enabling webshell placement or tampering with application data.
- Executes arbitrary processes on the host, which can be used to pivot to internal network resources or install persistent backdoors.
- Crashes or disrupts the affected service by killing processes or exhausting system resources.
How HarborGuard Handles This
Available on HarborGuard: detection for this critical, unauthenticated command-injection CVE is active across all connected registries and CI pipelines, with matching occurring within minutes of the advisory's publication. Because no upstream fix exists, HarborGuard monitors the advisory on every ingest cycle and will trigger a patched-image rebuild automatically the moment the Guardian language-system maintainer publishes a corrected commit or release. In the interim, compensating controls available to HarborGuard customers include network-policy isolation rules that restrict inbound HTTP access to affected images, egress filtering to limit the blast radius if the endpoint is reached, and flagging the affected image for manual review queues. For customers who opt into auto-remediation, the full rebuild, regression-test, and PR workflow will execute without manual steps once an upstream fix is confirmed.
Affected Products
- guardian / language-system: ≤ commit e42c395ec4b03fe62973a669c9209a673838b8a4
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N