CVE-2026-37281

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...

PT-2026-41946

Name of the Vulnerable Software and Affected Versions hitarth-gg Zenshin versions prior to 2.7.0 Description An OS command injection flaw exists in the '/stream-to-vlc' Express route. This allows remote attackers to execute arbitrary commands on the host operating system by manipulating the url...

CVE-2026-37281

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...

zenshin 安全漏洞

Zenshin is an animation list management and media streaming tool developed by Hitarth. Versions of Zenshin prior to 2.7.0 contained security vulnerabilities. These vulnerabilities stemmed from OS command injection in the /stream-to-vlc Express route, which could allow remote attackers to execute...

CVE-2026-37281

CVE-2026-37281 affects hitarth-gg Zenshin before 2.7.0. An OS command injection exists in the /stream-to-vlc Express route, allowing remote execution via the url parameter. Impact is critical (CVSS 3.1: 9.8). Remediation: upgrade to version 2.7.0 or later. Exploitation status is not provided in t...

EUVD-2026-30950

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...

CVE-2026-37281

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...