EUVD-2026-30508

🗓️ 15 May 2026 05:59:25Reported by EUVDType

Improper input validation in Delphix connectors allows an authenticated user to run OS commands.

Reporter	Title	Published	Views	Family All 8
ATTACKERKB	CVE-2026-8654	15 May 202605:59	–	attackerkb
CNNVD	Delphix Continuous Data 操作系统命令注入漏洞	15 May 202600:00	–	cnnvd
CVE	CVE-2026-8654	15 May 202605:59	–	cve
Cvelist	CVE-2026-8654	15 May 202605:59	–	cvelist
NVD	CVE-2026-8654	15 May 202607:16	–	nvd
Positive Technologies	PT-2026-41270	15 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-8654	5 Jun 202619:11	–	redhatcve
Vulnrichment	CVE-2026-8654	15 May 202605:59	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "15c25343-a0b4-3293-b868-a9b1ad2f1f6b",
        "vendor": {
          "name": "Delphix Continuous data"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1255fd7e-2b19-3ae9-a802-7a40c920f452",
        "product": {
          "name": "IBM Db2 Connector"
        },
        "product_version": "0 <2025.2"
      },
      {
        "id": "2d30ccf3-25a4-339f-9c9d-7bf09cc38d29",
        "product": {
          "name": "SAP HANA Connector"
        },
        "product_version": "0 <2026.2.0"
      },
      {
        "id": "573591df-c441-302c-a083-ea18861cfdc4",
        "product": {
          "name": "Oracle EBS Connector"
        },
        "product_version": "0 <2025.2.0"
      },
      {
        "id": "74e162aa-5008-3fd3-b5ec-61db6abb88df",
        "product": {
          "name": "Cassandra Connector"
        },
        "product_version": "0 <2025.1.0"
      },
      {
        "id": "8149265e-a6f5-366a-bc8b-a6a5459e06ce",
        "product": {
          "name": "Oracle Backup Ingestion Connector"
        },
        "product_version": "0 <4.2.1"
      },
      {
        "id": "a4187c70-fbf1-38d4-a3e7-850078322fb4",
        "product": {
          "name": "CockroachDB Connector"
        },
        "product_version": "0 <2025.2.0"
      },
      {
        "id": "c7e622a8-501b-34d8-aaf5-42d938a650f5",
        "product": {
          "name": "MySQL Connector"
        },
        "product_version": "0 <2025.1.0"
      },
      {
        "id": "e0bb29d5-9f38-34d5-b618-bcbd521f6351",
        "product": {
          "name": "PostgreSQL Connector"
        },
        "product_version": "0 <2025.1.0"
      },
      {
        "id": "e15ee78c-170b-3fe5-9f75-67ad3c5b4a03",
        "product": {
          "name": "YugabyteDB Connector"
        },
        "product_version": "0 <2025.1.1"
      },
      {
        "id": "e64528d1-9c8f-3914-8b46-1fba8c351818",
        "product": {
          "name": "MSSQL on Linux Connector"
        },
        "product_version": "0 <2025.1.0"
      },
      {
        "id": "e85ff22a-637d-3c4b-bf50-86a37887b460",
        "product": {
          "name": "MangoDB Connector"
        },
        "product_version": "0 <2025.2.1"
      },
      {
        "id": "fdeb4785-f242-387a-b327-e971ab0c908a",
        "product": {
          "name": "Couchbase Connector"
        },
        "product_version": "0 <1.3.2"
      }
    ]
  }
]

Source	Link
portal	www.portal.perforce.com/s/cve/a91Qi000002z78HIAQ/authenticated-os-command-injection-in-delphix-continuous-data-connectors

15 May 2026 11:09Current

6.1Medium risk

Vulners AI Score6.1

CVSS 48.7

EPSS0.00052

SSVC