CVE-2026-5208

CVE-2026-5208 affects CoolerControl/coolercontrold prior to version 4.0.0. The issue is OS command injection in alert names, allowing authenticated, local attackers to execute arbitrary code as root. The vulnerability arises from improper handling of alert-name input, enabling injection into a sh...

CVE-2026-5208 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in coolercontrold

Command injection in alerts in CoolerControl/coolercontrold 4.0.0 allows authenticated attackers to execute arbitrary code as root via injected bash commands in alert names...

Observium Cross-Site Scripting Vulnerability (CNVD-2020-54791)

Observium is a low-maintenance auto-discovery network monitoring platform that supports multiple device types, platforms and operating systems. Observium suffers from a cross-site scripting vulnerability. An attacker can exploit this vulnerability to inject and store malicious JavaScript code via...

CVE-2020-25137

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting XSS due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the alertname or alertmessage parameter to the...