CVE-2026-39958 | AOSC oma up to 1.25.0 topics.json Name crlf injection (GHSA-86jc-7r6q-cr3f)

Inserito da Angelo Barbosa | Apr 9, 2026 | CVE

A vulnerability has been found in AOSC oma up to 1.25.0 and classified as problematic. Impacted is an unknown function of the file {mirror}/debs/manifest/topics.json. Performing a manipulation of the argument Name results in crlf injection.

This vulnerability is known as CVE-2026-39958. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-39958 | AOSC oma up to 1.25.0 topics.json Name crlf injection (GHSA-86jc-7r6q-cr3f)

Post correlati

CVE-2025-25634 | Tenda AC15 15.03.05.19 GetParentControlInfo src stack-based overflow

CVE-2023-5457 | AiLux imx6 up to 1.0.7-1 product released in non-release configuration

CVE-2024-1635 | Undertow prior 2.2.30.SP1/2.3.10.SP3 HTTP Upgrade WriteTimeoutStreamSinkConduit resource consumption

CVE-2025-69219 | Apache Airflow 5.1.x Pickle deserialization