CVE-2026-22785 | orval-labs orval up to 7.17.x OpenAPI Summary command injection (GHSA-mwr6-3gp8-9jmj)

Inserito da Angelo Barbosa | Gen 12, 2026 | CVE

A vulnerability labeled as critical has been found in orval-labs orval up to 7.17.x. Affected is an unknown function of the component OpenAPI. Executing a manipulation of the argument Summary can lead to command injection.

The identification of this vulnerability is CVE-2026-22785. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-22785 | orval-labs orval up to 7.17.x OpenAPI Summary command injection (GHSA-mwr6-3gp8-9jmj)

Post correlati

CVE-2025-13680 | Tiger Plugin up to 101.2.1 on WordPress set_role privilege escalation

CVE-2025-23676 | LH Email Plugin up to 1.12 on WordPress cross site scripting

CVE-2024-4635 | ThemeIsle Menu Icons Plugin up to 0.13.13 on WordPress SVG Upload cross site scripting

CVE-2024-29895 | Cacti 1.3.x DEV cmd_realtime.php poller_id command injection