CVE-2026-4802
8.0 HIGH · A flaw was found in Cockpit
Published: 2026-05-11 · Last updated: 2026-05-28
Severity and scoring
- CVSS: 8.0 HIGH
- Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- CWE: CWE-78
Description
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
Source: NVD
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2026-4802
- [Other] https://access.redhat.com/errata/RHSA-2026:21390
- [Other] https://access.redhat.com/errata/RHSA-2026:21392
- [Other] https://access.redhat.com/errata/RHSA-2026:21394
- [Other] https://access.redhat.com/errata/RHSA-2026:21395
- [Other] https://access.redhat.com/errata/RHSA-2026:21468
- [Other] https://access.redhat.com/errata/RHSA-2026:21515
- [Other] https://access.redhat.com/errata/RHSA-2026:21516
- [Other] https://access.redhat.com/errata/RHSA-2026:21647
- [Other] https://access.redhat.com/errata/RHSA-2026:21676
- [Other] https://access.redhat.com/errata/RHSA-2026:21700
- [Other] https://access.redhat.com/security/cve/CVE-2026-4802
- [Other] https://bugzilla.redhat.com/show_bug.cgi?id=2451155
- [Other] https://github.com/cockpit-project/cockpit/blob/e204cd130/pkg/systemd/logsJournal.jsx#L206-L210
- [Other] http://www.openwall.com/lists/oss-security/2026/05/20/19
Related CVEs
Same CWE
- CVE-2026-22313 — The device has a webserver that exposes a REST API authenticated with a token on the management network (9.1 CRITICAL)
- CVE-2026-44932 — Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a ... (8.8 HIGH)
- CVE-2026-12398 — A command injection vulnerability was found in galaxy_ng (7.5 HIGH)
- CVE-2026-5416 — Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command in... (8.8 HIGH)
- CVE-2026-12161 — Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user ... (8.8 HIGH)