CVE Catalog

CVE-2026-50872

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.19%

9th percentile — higher than 9% of all known CVEs

Summary

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.

Risk Assessment

The organization may be exposed to unauthorized access to systems and leakage of sensitive data, which could lead to serious legal and reputational consequences.

Recommendation

It is recommended to update to the latest version of fossar selfoss and implement appropriate security measures to mitigate the risk of unauthorized command execution.

Original NVD description (English source)

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS