CVE-2025-58180
CVE-2025-58180 affects OctoPrint ≤ 1.11.2. An authenticated attacker able to upload files can craft a filename that, when interpolated into a system event handler command, leads to arbitrary command execution on the host via a FileAdded event. The vulnerability relies on insufficient sanitization...