154 matches found
CVE-2026-42086
OpenC3 COSMOS is affected by a Self-XSS in the Command Sender UI prior to version 7.0.0, caused by an unsafe eval() on array-like command parameters. A user-supplied payload could execute in the victim’s browser when sending a command, potentially allowing an attacker to read or modify data in th...
CVE-2026-42086 OpenC3 COSMOS: Self-XSS in the Command Sender
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when...
CVE-2026-42086 OpenC3 COSMOS: Self-XSS in the Command Sender
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when...
CVE-2026-42086 OpenC3 COSMOS: Self-XSS in the Command Sender
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval function on array-like command parameters, which allows a user-supplied payload to execute in the browser when...
CVE-2026-42085
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the savetoolconfig function that allows saving tool configuration files at arbitrary locations...
CVE-2026-42085 OpenC3 COSMOS: Arbitrary write to plugins directory via path-traversed config filenames
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the savetoolconfig function that allows saving tool configuration files at arbitrary locations...
EUVD-2026-27059
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the savetoolconfig function that allows saving tool configuration files at arbitrary locations...
CVE-2026-42085
OpenC3 COSMOS has a path-traversal weakness in save_tool_config() that enables arbitrary file writes into the shared /plugins directory prior to versions 6.10.5 and 7.0.0-rc3. By canonicalizing filenames to absolute paths, a crafted config filename can overwrite existing configuration files acros...
CVE-2026-42085 OpenC3 COSMOS: Arbitrary write to plugins directory via path-traversed config filenames
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, OpenC3 COSMOS contains a design flaw in the savetoolconfig function that allows saving tool configuration files at arbitrary locations...
CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...
CVE-2026-42084
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...
CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...
CVE-2026-42084
OpenC3 COSMOS is affected by a credential change vulnerability where the password change feature accepts a valid session token in lieu of the old password. This flaw, present prior to versions 6.10.5 and 7.0.0-rc3, allows an attacker who already holds a valid session token to change the password ...
CVE-2026-42084 OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5 and 7.0.0-rc3, the OpenC3 password change functionality allows a user to change their password without providing the old password, by accepting a valid...
PT-2026-36882
Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions prior to 7.0.0-rc3 Description The Script Runner widget allows users to execute Python and Ruby scripts directly from the 'openc3-COSMOS-script-runner-api' container. Since all Docker containers share a network, users ca...
OpenC3 COSMOS 安全漏洞
OpenC3 COSMOS is an open-source application developed by OpenC3. Vulnerabilities exist in versions of OpenC3 COSMOS prior to 6.10.5 and 7.0.0-rc3. These vulnerabilities stem from the password change feature, which allows users to change their passwords using valid session tokens without providing...
OpenC3 COSMOS SQL注入漏洞
OpenC3 COSMOS is an open-source application developed by OpenC3. In versions 6.7.0 to 7.0.0-rc3 of OpenC3 COSMOS, there was a SQL injection vulnerability. This vulnerability stemmed from the tsdblookup function in the Time-Series Database component, which directly accepted user input without prop...
OpenC3 COSMOS 安全漏洞
OpenC3 COSMOS is an open-source application developed by OpenC3. Versions of OpenC3 COSMOS prior to 7.0.0-rc3 contained security vulnerabilities. These vulnerabilities stemmed from the Script Runner component, which allowed users to execute Python and Ruby scripts. This could lead users to bypass...
OpenC3 COSMOS 跨站脚本漏洞
OpenC3 COSMOS is an open-source application developed by OpenC3. Versions of OpenC3 COSMOS prior to version 7.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the use of the unsafe eval function by the Command Sender UI when handling array-type command parameter...
GHSA-2WVH-87G2-89HR OpenC3 COSMOS: Permissions Bypass Provides User Access to Unassigned Administrative Actions via Script Runner Tool
Vulnerability Type: Execution with Unnecessary Privileges Attack type: Authenticated remote Impact: Data disclosure/manipulation, privilege escalation Affected components: The following docker images: • Openc3inc/openc3-COSMOS-script-runner-api The Script Runner widget allows users to execute...