CVE-2026-4802
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting un
CVSS
8.0
High
EPSS
1.0%
p59
KEV
—
Exploit Today
18
0-100
Published: May 11, 2026 · Last modified: Jul 15, 2026 · CWE-78
1.0%EPSS · 30 days1.0%
2026-06-302026-07-16
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21390
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21392
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21394
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21395
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21468
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21515
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21516
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21647
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21676
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21700
- access.redhat.comhttps://access.redhat.com/security/cve/CVE-2026-4802
- bugzilla.redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2451155
- github.comhttps://github.com/cockpit-project/cockpit/blob/e204cd130/pkg/systemd/logsJournal.jsx#L206-L210
- www.openwall.comhttp://www.openwall.com/lists/oss-security/2026/05/20/19
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21390
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21392
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21394
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21395
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21468
- access.redhat.comhttps://access.redhat.com/errata/RHSA-2026:21515
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-341978.8 HIG99.9%
KEV—80Apache ActiveMQ Improper Input Validation Vulnerability2dCVE-2024-121210.0 CRI99.9%
KEV—80Progress Kemp LoadMaster OS Command Injection Vulnerability4dCVE-2022-262589.8 CRI99.6%
KEV—80D-Link DIR-820L Remote Code Execution Vulnerability8dCVE-2026-422718.8 HIG99.6%
KEV—80BerriAI LiteLLM Command Injection Vulnerability2dCVE-2021-252988.8 HIG99.5%
KEV—80Nagios XI OS Command Injection8dCVE-2021-252978.8 HIG98.9%
KEV—80Nagios XI OS Command Injection8d