{
  "entrypoint_kind": "function_call",
  "entrypoint_detail": "public si.networkInterfaces() API (library_api) on Linux, reaching checkLinuxDCHPInterfaces source-directive shell sink",
  "service_started": false,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "node",
    "systeminformation lib/network.js",
    "child_process.execSync",
    "/bin/sh"
  ],
  "proof_artifacts": [
    "logs/reproduction_steps.log",
    "logs/vulnerable_5_31_6_api.log",
    "logs/fixed_5_31_7_api.log",
    "logs/interfaces.backup"
  ],
  "notes": "confirmed=true vulnerable_marker_created=true fixed_marker_created=false; harmless marker oracle at /tmp/pruva_cve_2026_50289_marker created only on 5.31.6 via source-directive shell injection in checkLinuxDCHPInterfaces()"
}