CVE-2026-5965
NewSoft|NewSoftOA - OS Command Injection
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.3EPSS 1.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 abr 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
NewSoft · NewSoftOA