2026-01-31 — PsySH CWD auto-load → local priv-esc (CVE-2026-25129)

What happened

PsySH automatically loads and executes .psysh.php from the current working directory (CWD) on startup.

If an attacker can write to a directory that a victim later uses as their CWD when launching PsySH (or a downstream consumer like Laravel Tinker), the attacker can get arbitrary code execution in the victim’s context.

If the victim launches PsySH with elevated privileges (e.g., root), this becomes local privilege escalation.

Who should care

  • Developers / operators who run psysh or php artisan tinker
  • CI runners or automation that may start interactive tooling in shared directories
  • Any environment where privileged users might cd into attacker-writable paths (e.g., /tmp) and run debug tools

What to do

  1. Upgrade PsySH to a fixed version:
     • v0.12.19 (or later)
     • v0.11.23 (or later) for the older branch
  2. Operational mitigation: don’t run REPL/debug tooling from untrusted directories.
     • Avoid /tmp and other world-writable locations.
     • Prefer user-owned workspaces with sane permissions.
  3. Defense-in-depth: treat any “auto-load from CWD” behavior as a footgun.
  4. See: CWD auto-config poisoning

Detection / triage

  • Search for unexpected .psysh.php files in shared directories.
  • If you suspect a run occurred from an unsafe directory, treat it as arbitrary code execution and perform standard post-compromise checks.
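The following shell helpers are an added example for the "What to do" and "Detection / triage" sections above; they are not PsySH project code, and the function names (psysh_cwd_risk, scan_psysh_configs, safe_psysh) are this example's own. psysh_cwd_risk classifies a directory before you launch the REPL from it (world-writable, or already holding a .psysh.php owned by someone else), scan_psysh_configs lists every .psysh.php under the given roots with its owner for triage, and safe_psysh is a wrapper that refuses to start psysh (assumed to be on PATH) from a risky CWD.

```shell
#!/bin/sh
# Added defender-side helpers for the PsySH CWD auto-load issue.
# Not PsySH project code; the function names are this example's own.

# psysh_cwd_risk DIR
# Classifies DIR as a place to launch PsySH from and prints one label:
#   ok              no .psysh.php, and other users cannot write to DIR
#   world-writable  anyone can drop a .psysh.php into DIR before you run psysh
#   foreign-config  DIR/.psysh.php exists and is owned by another user
#   own-config      DIR/.psysh.php exists and is yours (still review it)
# Exit status is 0 only for "ok", so the function can gate a wrapper script.
psysh_cwd_risk() {
    dir=${1:-.}
    cfg="$dir/.psysh.php"
    me=$(id -un)
    # The 9th character of `ls -ld` output is the other-write bit ("w" or "-").
    # A sticky bit (as on /tmp) does not stop others creating new files there.
    if [ "$(ls -ld "$dir" | cut -c9)" = "w" ]; then
        echo world-writable
        return 1
    fi
    if [ -e "$cfg" ]; then
        # POSIX find on a single path; -prune stops descent if it is a directory.
        if [ -n "$(find "$cfg" -prune ! -user "$me" -print 2>/dev/null)" ]; then
            echo foreign-config
            return 2
        fi
        echo own-config
        return 3
    fi
    echo ok
    return 0
}

# scan_psysh_configs DIR...
# Triage helper: lists every .psysh.php under the given roots with its owner
# and mode, so unexpected ones in shared locations stand out.
# Returns 1 if any were found, 0 otherwise.
scan_psysh_configs() {
    found=$(find "$@" -name .psysh.php -type f -exec ls -l {} \; 2>/dev/null)
    [ -n "$found" ] || return 0
    printf '%s\n' "$found"
    return 1
}

# safe_psysh [ARGS...]
# Wrapper that refuses to start the REPL when the current directory is risky.
safe_psysh() {
    label=$(psysh_cwd_risk .) || {
        echo "refusing to start psysh here: $label" >&2
        return 1
    }
    psysh "$@"
}
```

Use it as `safe_psysh` in place of `psysh` (or alias it), and run `scan_psysh_configs /tmp /var/tmp /srv` during triage; any .psysh.php in a shared directory that nobody can account for should be treated as the arbitrary-code-execution indicator the advisory describes.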

References

  • GitHub Advisory: https://github.com/advisories/GHSA-4486-gxhx-5mg7
  • NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-25129