cb
cvebase
.
~
/
products
/
cockpit
/
cockpit_cms
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
cockpit
/
Cockpit Cms
Cockpit Cms vulnerabilities
1 known vulnerability affecting
cockpit/cockpit_cms
.
Track
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2026-34965
P2
HIGH
CVSS 8.8
≤ 494765e
2026-04-29
CVE-2026-34965 [HIGH] CWE-94 CVE-2026-34965: Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collection Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly
nvd
Cockpit Cms vulnerabilities | cvebase