CVE-2026-25855
Published 2026-06-08
Priority: P2 · 63 · high · 8.8 CVSS 3.1
AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.57% (42.9th percentile)
OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files (.bat, .ps1, .sh) through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources, causing the server to execute the scripts and return output as proxy lines, resulting in arbitrary command execution on the host as the process user.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openbullet | openbullet2 | 0.2.5 – 0.3.2 | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 8.7 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
VulDB
openbullet2 up to 0.3.2 FileProxySource Proxy Loading Feature bat.ps1.sh os command injection (EUVD-2026-35134)
vuldb·2026-06-08·CVSS 8.8
CVE-2026-25855 [HIGH] openbullet2 up to 0.3.2 FileProxySource Proxy Loading Feature bat.ps1.sh os command injection (EUVD-2026-35134)
A vulnerability identified as critical has been detected in openbullet2 up to 0.3.2. This vulnerability affects unknown code of the file bat.ps1.sh of the component FileProxySource Proxy Loading Feature. Performing a manipulation results in os command injection.
This vulnerability was named CVE-2026-25855. The attack may be initiated remotely. There is no available exploit.
GHSA
OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files (.bat, .ps1, .sh) through the FileP
ghsa_unreviewed·2026-06-08
CVE-2026-25855 [HIGH] CWE-78 OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files (.bat, .ps1, .sh) through the FileP
OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files (.bat, .ps1, .sh) through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources, causing the server to execute the scripts and return output as proxy lines, resulting in arbitrary command execution on the host as the process user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2026-06-08