CVE-2026-3066 HummerRisk Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection

A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command...

CVE-2026-3065 HummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injection

A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote exploitation of the...

CVE-2026-3064 HummerRisk Cloud Task Scheduler ResourceCreateService.java command injection

A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler. Such manipulation of the argument regionId leads to command injection. The attack may be launche...

CVE-2026-3064

CVE-2026-3064 affects HummerRisk up to 1.5.0, specifically the ResourceCreateService.java component of Cloud Task Scheduler. The issue arises from manipulating the argument regionId, enabling command injection. Impact is described as remote exploitation with high confidentiality, integrity, and a...