CVE-2026-24132 | orval up to 7.19.x/8.0.2 MSW scalar.ts getMockScalar command injection (GHSA-f456-rf33-4626 / EUVD-2026-3783)
A vulnerability marked as critical has been reported in orval up to 7.19.x/8.0.2. This affects the function getMockScalar of the file packages/mock/src/faker/getters/scalar.ts of the component MSW Handler. This manipulation causes command injection.
This vulnerability appears as CVE-2026-24132. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.