CVE-2026-1961

EUVD-2026-16167

26.03.2026, 13:16

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
redhat	CNA	8 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

References

https://access.redhat.com/errata/RHSA-2026:5968

https://access.redhat.com/errata/RHSA-2026:5970

https://access.redhat.com/errata/RHSA-2026:5971

https://access.redhat.com/security/cve/CVE-2026-1961

https://bugzilla.redhat.com/show_bug.cgi?id=2437036

http://www.openwall.com/lists/oss-security/2026/03/27/3