CVE-2026-55748

EUVD-2026-37723
OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
mitreCNA
6 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
openstackhorizon
8.0.0 ≤
𝑥
< 25.3.3
CNA
openstackhorizon
25.4.0 ≤
𝑥
< 25.5.3
CNA
openstackhorizon
25.6.0 ≤
𝑥
< 25.7.4
CNA
Debian logo
Debian Releases
Debian Product
Codename
horizon
bookworm
no-dsa
bullseye
vulnerable
forky
vulnerable
sid
3:25.7.3-2
fixed
trixie
no-dsa
Common Weakness Enumeration
References
https://launchpad.net/bugs/2152240
https://wiki.openstack.org/wiki/OSSN/OSSN-0097