CVE-2026-37281 | hitarth-gg Zenshin up to 2.6.x Parameter /stream-to-vlc url os command injection

Inserito da Angelo Barbosa | Mag 19, 2026 | CVE

A vulnerability, which was classified as critical, was found in hitarth-gg Zenshin up to 2.6.x. This affects an unknown function of the file /stream-to-vlc of the component Parameter Handler. Executing a manipulation of the argument url can lead to os command injection.

This vulnerability is tracked as CVE-2026-37281. The attack can be launched remotely. No exploit exists.

You should upgrade the affected component.

CVE-2026-37281 | hitarth-gg Zenshin up to 2.6.x Parameter /stream-to-vlc url os command injection

Post correlati

CVE-2026-31621 | Linux Kernel up to 6.19.13/7.0.0 auxiliary_device_uninit null pointer dereference

CVE-2023-6280 | 52North WPS up to 4.0.0-beta.10 HTTP Request xml external entity reference

CVE-2026-3842 | QEMU KVM hw/hyperv/syndbg.c cpu_physical_memory_map out-of-bounds write

CVE-2024-2093 | VK All in One Expansion Unit Plugin up to 9.95.0.1 on WordPress information disclosure