Vulnerabilities in OSC
7 resultsCVE-2026-26002MEDIUMOnDemand susceptible to malicious input when navigating to a directory.EPSS 0.5%CVE-2025-53636MEDIUMOpen OnDemand Shell App closed websocket DoSEPSS 0.3%CVE-2026-44371MEDIUMOpen OnDemand: Specially crafted filenames can execute javascript in the file browserEPSS 0.3%CVE-2025-64185MEDIUMOpen OnDemand RPM packages create world writable locationsEPSS 0.2%CVE-2025-58435MEDIUMOpen OnDemand didn't rotate password for VNC batch_connectEPSS 0.2%CVE-2025-62724MEDIUMOpen OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU)EPSS 0.2%CVE-2025-66029HIGHOpen OnDemand affected by Apache proxy passing sensitive headersEPSS 0.2%