VDB
CVE-2026-28279
CVE-2026-28279
PUBLISHED
CVSS 7.400000095367432 HIGH
osctrl is Vulnerable to OS Command Injection via Environment Configuration
EPSS 0.03% · 7.5th percentile
Risk Scores
CVSS v3.1
7.400000095367432
CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
EPSS Score
0.03%
7.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | jmpsec/osctrl | 0, 0 |
| jmpsec | osctrl | < 0.5.0, 0, < 0.5.0 |
Timeline
- Feb 26, 2026 CVE ID Reserved
- Feb 26, 2026 CVE Published
- Feb 27, 2026 EPSS Score
- Feb 27, 2026 CVE Updated
- Feb 28, 2026 EPSS Score
- Feb 28, 2026 PoC Published
- Feb 28, 2026 PoC Published
- Feb 28, 2026 PoC Published
- Feb 28, 2026 PoC Published
- Mar 2, 2026 EPSS Score
- Mar 3, 2026 EPSS Score
- Mar 5, 2026 EPSS Score