CVE-2026-54051 Google Chronicle · YARA-L

Detect CVE-2026-54051: network-ai npm Package OS Command Injection in Google Chronicle

Detects exploitation of CVE-2026-54051, a critical OS command injection vulnerability (CWE-78) in the npm package 'network-ai' versions prior to 5.9.1. Improper neutralization of special elements allows attackers to inject arbitrary OS commands through the package's API, potentially leading to full system compromise. A public PoC is available.

MITRE ATT&CK

Tactic
Execution Persistence Privilege Escalation

YARA-L Detection Query

Google Chronicle (YARA-L)
yaral 
rule cve_2026_54051_network_ai_cmd_injection {
  meta:
    author = "df00tech Detection Engineering"
    description = "Detects CVE-2026-54051 network-ai npm OS command injection exploitation"
    severity = "CRITICAL"
    priority = "HIGH"
    mitre_attack_tactic = "Execution, Privilege Escalation"
    mitre_attack_technique = "T1059, T1190"
    reference = "https://github.com/advisories/GHSA-qw6v-5fcf-5666"
    cve = "CVE-2026-54051"

  events:
    $proc.metadata.event_type = "PROCESS_LAUNCH"
    $proc.principal.process.file.full_path = /node(|\.exe)$/i or
    $proc.principal.process.command_line = /network-ai/i
    $proc.target.process.file.full_path = /(cmd\.exe|powershell\.exe|\/sh|\/bash|\/dash|\/zsh|\/ksh)/i
    $proc.target.process.command_line = /(whoami|id |net user|\/etc\/passwd|curl |wget |nc |ncat|python|perl|ruby)/i

  condition:
    $proc
}
critical severity high confidence

Chronicle YARA-L rule detecting CVE-2026-54051 exploitation of network-ai npm package via OS command injection from Node.js process ancestry.

Data Sources

Chronicle SIEMGoogle Cloud ChronicleEndpoint telemetry

Required Tables

process_launch

False Positives & Tuning

  • Authorized Node.js scripts executing shell commands for system management
  • CI/CD automation using network-ai package in test pipelines
  • Security scanning solutions built on Node.js with shell exec capabilities
  • Developer tooling on workstations invoking diagnostic commands via network-ai

Other platforms for CVE-2026-54051

Microsoft Sentinel (KQL) Splunk (SPL) Elastic Security (Elastic) IBM QRadar (QRadar) Sumo Logic CSE (Sumo) CrowdStrike LogScale (LogScale) All platforms (combined) →

Testing Methodology

Validate this detection against 4 adversary techniques from Atomic Red Team. Each test below lists the behaviour to exercise and the telemetry you should expect to see. Executable commands and cleanup steps are available with Pro.

  1. Test 1CVE-2026-54051 Basic Command Injection via network-ai

    Expected signal: Process creation event: node spawns sh or bash child process with command line containing 'whoami'; file creation event for /tmp/cve_2026_54051_poc.txt

  2. Test 2CVE-2026-54051 Reverse Shell Injection Simulation

    Expected signal: Process creation: node → bash with command containing /dev/tcp; network connection event from bash process to 127.0.0.1:4444

  3. Test 3CVE-2026-54051 Persistence via Cron Injection

    Expected signal: Process creation: node → sh → crontab with new entry; crontab file modification event; subsequent periodic execution of /tmp/beacon.sh if not cleaned up

  4. Test 4CVE-2026-54051 Credential Harvesting via /etc/passwd Read

    Expected signal: Process creation: node → sh with 'cat /etc/passwd' in command line; file read event on /etc/passwd by shell child process of Node.js; file creation of /tmp/passwd_exfil.txt

Last updated: 2026-06-21 Research depth: standard
References (2)

Unlock Pro Content

Get the full detection package for CVE-2026-54051 including response playbook, investigation guide, and atomic red team tests.

Response PlaybookInvestigation GuideHunting QueriesAtomic Red Team TestsTuning Guidance
Sign Up for Pro View Pricing

Related Detections

Tactic Hubs

TA0002ExecutionTA0003PersistenceTA0004Privilege Escalation

Related Techniques

T1059Command and Scripting InterpreterT1190Exploit Public-Facing ApplicationT1548Abuse Elevation Control Mechanism

Same Tactic: Execution

Popular Detections