CVE Catalog

CVE-2026-55748

MediumCVSS 6.0
Published: Updated: Translated: NVD NIST

Summary

OpenStack Horizon before version 25.7.4 produces scripts for downloading OpenStack RC files that may contain a crafted project name with shell metacharacters.

Risk Assessment

There is a risk that improper use of shell metacharacters could lead to unintended actions in the system, potentially affecting application security.

Recommendation

It is recommended to upgrade to version 25.7.4 or later to mitigate the risks associated with this issue.

Original NVD description (English source)

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS