Unauthenticated remote code execution in OpenCode
Hacker News (score: 74)
Found: January 11, 2026
ID: 2982
Description
Other
Unauthenticated remote code execution in OpenCode
Previous versions of OpenCode started a server which allowed any website visited in a web browser to execute arbitrary commands on the local machine. Make sure you are using v1.1.10 or newer; see link for more details.
More from Hacker
No other tools from this source yet.