Lucene search
K

Galaxy NG: command injection vulnerability

🗓️ 16 Jun 2026 15:33:51Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 5 Views

Galaxy NG command injection via unsanitized git ref names in legacy role import API enables access.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-12398
16 Jun 202614:52
attackerkb
Circl
CVE-2026-12398
16 Jun 202616:00
circl
CVE
CVE-2026-12398
16 Jun 202614:52
cve
Cvelist
CVE-2026-12398 Galaxy_ng: shell injection in legacy role import via unsanitized git ref names
16 Jun 202614:52
cvelist
EUVD
EUVD-2026-37124
16 Jun 202614:52
euvd
NVD
CVE-2026-12398
16 Jun 202615:16
nvd
OSV
GHSA-6HW7-J4JW-WPFF Galaxy NG: command injection vulnerability
16 Jun 202615:33
osv
Positive Technologies
PT-2026-49716
16 Jun 202600:00
ptsecurity
RedhatCVE
CVE-2026-12398
16 Jun 202614:52
redhatcve
Snyk
Command Injection
16 Jun 202600:00
snyk
Rows per page
Vulners
Node
galaxy-ngRange4.9.2pip

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

19 Jun 2026 20:48Current
6.6Medium risk
Vulners AI Score6.6
CVSS 3.17.5
EPSS0.00889
SSVC
5