What the vulnerability does
01Description
EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.
CVSS base score
4.5/10
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
August 8, 2025
CVE published
August 8, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-33180 HAPI FHIR HTTP authentication leak in redirects
CVE-2026-4660 Go-getter may allow to arbitrary filesystem reads through git operations
CVE-2025-14075 WP Hotel Booking <= 2.2.7 - Unauthenticated Sensitive Information Exposure via 'email' Parameter
CVE-2025-59184 Storage Spaces Direct Information Disclosure Vulnerability
CVE-2026-34090 Suggested investigations: Handle suppressed usernames
