A vulnerability was found in gpsd up to 3.27.5. It has been rated as very critical. Affected by this vulnerability is an unknown functionality of the component gpsprof. Performing a manipulation of the argument subtype results in os command injection.
This vulnerability was named CVE-2026-58459. The attack may be initiated remotely. There is no available exploit.