CVE-2026-25856
Published 2026-06-08
Priority: P2 · 63 · high · 8.8 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.47% (37.3th percentile)
OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C# code on the server host by creating or modifying job configurations. Attackers can leverage the plain C# execution mode, which lacks reference filtering or API restrictions, to access the file system, spawn processes, and invoke arbitrary .NET APIs as the process user.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| openbullet | openbullet2 | <= 0.3.2 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v4.0 | 8.7 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
GHSA
ghsa_unreviewed · 2026-06-08
CVE-2026-25856 [HIGH] CWE-94
VulDB
openbullet2 up to 0.3.2 code injection (EUVD-2026-35135)
vuldb · 2026-06-08 · CVSS 8.8
CVE-2026-25856 [HIGH] openbullet2 up to 0.3.2 code injection (EUVD-2026-35135)
A vulnerability marked as critical has been reported in openbullet2 up to 0.3.2. Impacted is an unknown function. The manipulation leads to code injection.
This vulnerability is referenced as CVE-2026-25856. Remote exploitation of the attack is possible. No exploit is available.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.