CVE-2026-9862
Published 2026-06-15
CVE-2026-9862: Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network…
Priority: P270 | critical | 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.86% (54.1th percentile)
Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortra | core_privileged_access_manager | boks-server 8.1.0.0 – boks-server 8.1.0.22 | — |
| fortra | core_privileged_access_manager | boks-server 9.0.0.0 – boks-server 9.0.0.4 | — |
VulDB
Fortra Core Privileged Access Manager os command injection
vuldb·2026-06-15·CVSS 9.8
CVE-2026-9862 [CRITICAL] Fortra Core Privileged Access Manager os command injection
A vulnerability described as critical has been identified in Fortra Core Privileged Access Manager. This affects an unknown function. Such manipulation leads to os command injection.
This vulnerability is listed as CVE-2026-9862. The attack may be performed from remote. There is no available exploit.
GHSA
Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service.
ghsa_unreviewed·2026-06-15
CVE-2026-9862 [CRITICAL] CWE-78 Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service.
Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing.
No detection rules found.
No public exploits indexed.
Published: 2026-06-15