CVE-2026-47119: Overly Broad LLM Instruction Inclusion

Using a broad wildcard pattern (like "**/*.md") to load and parse context or instructions can lead to prompt injection or malicious instruction execution if an attacker can introduce arbitrary files into the target directory. Constrain loaded files to explicitly known, specific filenames.
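The pattern described above next to its constrained form, as an added example that is not part of the rule or of any affected project. The filename AGENTS.md, the function names and the temporary workspace are assumptions constructed for illustration.

```python
import tempfile
from pathlib import Path

# Assumption: the only instruction file this application trusts.
ALLOWED_FILES = ("AGENTS.md",)


def load_instructions_broad(root: Path) -> dict[str, str]:
    """Flagged pattern: every Markdown file under root becomes model context."""
    return {
        p.relative_to(root).as_posix(): p.read_text(encoding="utf-8")
        for p in sorted(root.glob("**/*.md"))
    }


def load_instructions_allowlisted(root: Path, allowed=ALLOWED_FILES) -> dict[str, str]:
    """Constrained form: read only named files that sit directly in root."""
    root = root.resolve()
    loaded = {}
    for name in allowed:
        path = root / name
        # Skip missing files and symlinks that could point elsewhere.
        if path.is_symlink() or not path.is_file():
            continue
        # Skip names that resolve outside root (e.g. "../x.md" in the allowlist).
        if path.resolve().parent != root:
            continue
        loaded[name] = path.read_text(encoding="utf-8")
    return loaded


def demo() -> tuple[list[str], list[str]]:
    """Build a constructed workspace; return the files each loader picks up."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "AGENTS.md").write_text("Use the project style guide.\n", encoding="utf-8")
        # Constructed stand-in for a file contributed by an untrusted party.
        planted = root / "vendor" / "pkg" / "README.md"
        planted.parent.mkdir(parents=True)
        planted.write_text("(untrusted text that would be read as instructions)\n", encoding="utf-8")
        return sorted(load_instructions_broad(root)), sorted(load_instructions_allowlisted(root))


if __name__ == "__main__":
    broad, strict = demo()
    print("broad glob loaded:", broad)
    print("allowlist loaded: ", strict)
```

The broad loader picks up the vendored README along with the intended file, while the allowlisted loader returns only AGENTS.md and ignores a symlink placed under that name.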

Provally Curated | Public repository | Medium | Medium confidence | Verified | Apache-2.0 | Python
greprules fetch cve-2026-47119-overly-broad-llm-instruction-inclusion --engine opengrep
