
CVE-2026-24844: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in chainguard-dev melange

Severity: High
Published: Wed Feb 04 2026 (02/04/2026, 19:31:55 UTC)
Source: CVE Database V5
Vendor/Project: chainguard-dev
Product: melange

Description

melange allows users to build apk packages using declarative pipelines. From version 0.3.0 to before 0.40.3, an attacker who can provide build input values, but not modify pipeline definitions, could execute arbitrary shell commands if the pipeline uses ${{vars.*}} or ${{inputs.*}} substitutions in working-directory. The field is embedded into shell scripts without proper quote escaping. This issue has been patched in version 0.40.3.

AI-Powered Analysis

Last updated: 02/04/2026, 20:15:38 UTC

Technical Analysis

CVE-2026-24844 is an OS command injection vulnerability classified under CWE-78 affecting the melange tool developed by chainguard-dev, which facilitates building APK packages via declarative pipelines. Versions from 0.3.0 up to but not including 0.40.3 are vulnerable. The root cause is improper neutralization of special shell characters in the working-directory field when it uses variable substitutions like ${{vars.*}} or ${{inputs.*}}. These variables are embedded directly into shell scripts without proper quote escaping, enabling an attacker who can supply build input values (but cannot alter pipeline definitions) to inject arbitrary shell commands. This can lead to full compromise of the build environment’s confidentiality and integrity, as arbitrary commands can be executed with the privileges of the build process. The vulnerability requires low attack complexity and privileges, with user interaction needed to trigger the build with malicious inputs. The scope is limited to systems running affected melange versions. The issue was publicly disclosed on February 4, 2026, with a CVSS v3.1 score of 7.8 (high severity). No known exploits in the wild have been reported yet. The vulnerability has been fixed in melange version 0.40.3 by implementing proper shell escaping of substituted variables in the working-directory field.
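The defect class above, shown side by side with its fix as an added illustration that is not melange's own code: an input value is concatenated into a `cd` line unquoted, versus wrapped in POSIX single quotes so it always stays one shell word. The helper names, the sample input and the metacharacter check are assumptions for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// renderCdUnescaped mirrors the vulnerable pattern: the substituted value is
// concatenated straight into the generated script, so metacharacters are live.
func renderCdUnescaped(dir string) string {
	return "cd " + dir
}

// shellQuote wraps a value in single quotes, which the POSIX shell treats
// literally; an embedded single quote is closed, escaped, and reopened.
func shellQuote(s string) string {
	return "'" + strings.ReplaceAll(s, "'", `'\''`) + "'"
}

// renderCdEscaped is the hardened form: the value can only ever be a path.
func renderCdEscaped(dir string) string {
	return "cd " + shellQuote(dir)
}

// containsUnquotedMetachar is a defensive check for a rendered script line:
// walk it tracking single-quote state (honouring backslash escapes outside
// quotes) and report any shell metacharacter left outside quotes.
func containsUnquotedMetachar(line string) bool {
	inQuote := false
	for i := 0; i < len(line); i++ {
		c := line[i]
		switch {
		case inQuote:
			if c == '\'' {
				inQuote = false
			}
		case c == '\\':
			i++ // next byte is literal
		case c == '\'':
			inQuote = true
		case strings.IndexByte(";&|$`()<>*?\n", c) >= 0:
			return true
		}
	}
	return false
}

func main() {
	input := "src; echo injected" // constructed attacker-controlled input value
	fmt.Println(renderCdUnescaped(input)) // metacharacters reach the shell
	fmt.Println(renderCdEscaped(input))   // one literal directory argument
}
```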

Potential Impact

For European organizations, this vulnerability poses a significant risk to software supply chain security, particularly for those using melange to build APK packages in CI/CD pipelines. Exploitation could allow attackers to execute arbitrary commands within build environments, potentially leading to theft or manipulation of source code, injection of malicious code into software artifacts, and compromise of build infrastructure. This undermines the integrity and confidentiality of software products, which is critical for sectors like finance, telecommunications, and government. The attack does not directly affect availability but could cause indirect disruptions if build pipelines are compromised or halted. Organizations relying on automated builds with user-supplied inputs are especially vulnerable. The lack of requirement to modify pipeline definitions lowers the barrier for exploitation, increasing risk. Given the growing emphasis on secure software supply chains in Europe, this vulnerability could have wide-reaching consequences if exploited.

Mitigation Recommendations

The primary mitigation is to upgrade melange to version 0.40.3 or later, where the vulnerability has been patched with proper shell escaping of variables. Until an upgrade is possible, organizations should audit their pipeline configurations to identify any use of ${{vars.*}} or ${{inputs.*}} in the working-directory field or other shell script contexts and avoid or rigorously sanitize these inputs. Implement strict input validation and sanitization on all user-controllable build inputs to prevent injection of shell metacharacters. Apply least-privilege principles to build environments to limit the impact of any command execution. Additionally, consider isolating build environments using containerization or sandboxing to contain exploitation attempts. Monitor build logs and pipeline executions for unusual commands or behaviors indicative of exploitation. Incorporate security scanning tools that detect unsafe shell command constructions in pipeline definitions and inputs. Finally, educate developers and DevOps teams about secure pipeline practices and the risks of unescaped variable substitutions.
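One way to perform the pipeline audit recommended above, as an added example rather than a melange feature: a line-oriented scan of melange YAML that flags every working-directory value using ${{vars.*}} or ${{inputs.*}}. The sample pipeline is constructed for the demo, and the scan deliberately matches the key by regular expression instead of parsing YAML, so it also covers nested steps.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// Finding records one step whose working-directory uses a substitution
// the advisory names as unsafe in versions before 0.40.3.
type Finding struct {
	Line  int
	Value string
}

var (
	wdKey  = regexp.MustCompile(`^\s*-?\s*working-directory:\s*(.+?)\s*$`)
	unsafe = regexp.MustCompile(`\$\{\{\s*(vars|inputs)\.[^}]*\}\}`)
)

// AuditWorkingDirectories scans melange-style YAML text line by line and
// returns the working-directory values that embed ${{vars.*}} or ${{inputs.*}}.
func AuditWorkingDirectories(yamlText string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(yamlText))
	for n := 1; sc.Scan(); n++ {
		m := wdKey.FindStringSubmatch(sc.Text())
		if m != nil && unsafe.MatchString(m[1]) {
			out = append(out, Finding{Line: n, Value: m[1]})
		}
	}
	return out
}

// samplePipeline is a constructed fragment; only lines 7 and 13 should be flagged.
const samplePipeline = `package:
  name: example
pipeline:
  - uses: git-checkout
    with:
      repository: https://example.invalid/repo.git
  - working-directory: ${{inputs.subdir}}
    runs: make
  - working-directory: ${{targets.destdir}}
    runs: make install
  - runs: |
      echo done
    working-directory: ${{vars.build-dir}}
`

func main() {
	for _, f := range AuditWorkingDirectories(samplePipeline) {
		fmt.Printf("line %d: working-directory uses %s\n", f.Line, f.Value)
	}
}
```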


Technical Details

Data Version
5.2
Assigner Short Name
GitHub_M
Date Reserved
2026-01-27T14:51:03.059Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 6983a549f9fa50a62fa8d0c1

Added to database: 2/4/2026, 8:00:09 PM

Last enriched: 2/4/2026, 8:15:38 PM

Last updated: 2/7/2026, 8:39:05 AM
