The vulnerability CVE-2026-43991 affects Dragonmonk111's junoclaw platform versions before 0.x.y-security-1. It involves improper neutralization of special elements used in OS commands (CWE-78), specifically due to a substring-based blocklist in the plugin-shell's command-safety check that was applied to the raw command string rather than the parsed first token. This flaw allows adversaries to bypass the blocklist with crafted arguments, resulting in unauthorized OS command execution on the host. The vulnerability is addressed in version 0.x.y-security-1. The CVSS 3.1 score of 8.4 reflects a high-severity issue with local attack vector, low attack complexity, no privileges required, no user interaction, and high impact on confidentiality, integrity, and availability.

Successful exploitation of this vulnerability allows an attacker to execute unauthorized commands on the host system running vulnerable versions of junoclaw. This can lead to full compromise of the affected system's confidentiality, integrity, and availability. The attack requires local access (AV:L) but no privileges or user interaction, making it a significant risk in environments where local access is possible. No known exploits in the wild have been reported to date.

The vulnerability is fixed in junoclaw version 0.x.y-security-1. Users should upgrade to this version or later to remediate the issue. Patch status is not explicitly confirmed beyond the fix being included in this version, so users should verify with the vendor or official sources for the latest remediation guidance. Since this is not a cloud service, remediation depends on applying the fixed version. No vendor advisory content contradicts this recommendation.