EUVD-2026-16943

🗓️ 28 Mar 2026 21:33:11Reported by EUVDType

Remote command injection in the pm2run function of elecV2 up to 3.8.3 via /rpc, with published exploit.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-5012	28 Mar 202619:15	–	attackerkb
Circl	CVE-2026-5012	28 Mar 202621:15	–	circl
CNNVD	elecV2P 操作系统命令注入漏洞	28 Mar 202600:00	–	cnnvd
CVE	CVE-2026-5012	28 Mar 202619:15	–	cve
Cvelist	CVE-2026-5012 elecV2 elecV2P rpc pm2run os command injection	28 Mar 202619:15	–	cvelist
NVD	CVE-2026-5012	28 Mar 202620:16	–	nvd
Positive Technologies	PT-2026-28726	28 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-5012	29 Mar 202623:03	–	redhatcve
Vulnrichment	CVE-2026-5012 elecV2 elecV2P rpc pm2run os command injection	28 Mar 202619:15	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "79020e5b-8fdf-308f-be51-572d297b6634",
        "vendor": {
          "name": "elecV2"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "250c5927-1ad8-34a1-9559-5f210f39a2b1",
        "product": {
          "name": "elecV2P"
        },
        "product_version": "3.8.1"
      },
      {
        "id": "561647f5-b78f-30ad-8463-a0366be15c61",
        "product": {
          "name": "elecV2P"
        },
        "product_version": "3.8.0"
      },
      {
        "id": "86eb4f5c-8101-365a-beb4-6bfd4185bda5",
        "product": {
          "name": "elecV2P"
        },
        "product_version": "3.8.3"
      },
      {
        "id": "bb66559b-0aaa-3552-9fe8-6898494a8c06",
        "product": {
          "name": "elecV2P"
        },
        "product_version": "3.8.2"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/353897
vuldb	www.vuldb.com/vuln/353897/cti
vuldb	www.vuldb.com/submit/779174
github	www.github.com/elecV2/elecV2P/issues/196
github	www.github.com/elecV2/elecV2P/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-5012

28 Mar 2026 21:33Current

6.7Medium risk

Vulners AI Score6.7

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.01381