CVE-2026-25855

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

CVE-2026-25855 OpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script Upload

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

CVE-2026-25855

CVE-2026-25855 affects OpenBullet2 up to version 0.3.2. The issue is a remote code execution vulnerability where authenticated users can upload script files (.bat, .ps1, .sh) via the FileProxySource proxy loading feature. The server then executes the uploaded scripts and returns their output as p...

OpenBullet2 操作系统命令注入漏洞

OpenBullet2 is a cross-platform automated testing and data scraping tool developed by the OpenBullet team. Versions of OpenBullet2 prior to 0.3.2 contained an operating system command injection vulnerability. This vulnerability originated from the FileProxySource proxy loading function, which cou...