1. Critical Command Injection Vulnerability Disclosed in ShellLayer.cpp: std::system() Call Exposes File Path Injection Risk
A high-severity security vulnerability has been identified in the codebase of an open-source project, specifically within `src/App/ShellLayer.cpp` at line 129. The flaw stems from the use of `std::system()` — a function notorious for enabling command injection attacks — combined with user-controlled file paths. The vul...