CVE-2026-44691 | Eclipse Theia up to 1.68.x Repository theia/tasks.json inclusion of functionality from untrusted control sphere (EUVD-2026-37901)
A vulnerability has been found in Eclipse Theia up to 1.68.x and classified as problematic. This impacts an unknown function of the file theia/tasks.json of the component Repository Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere.
This vulnerability is cataloged as CVE-2026-44691. The attack must be initiated from a local position. There is no exploit available.
The affected component should be upgraded.