CVE-2026-50872
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk9th percentile — higher than 9% of all known CVEs
Summary
An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.
Risk Assessment
The organization may be exposed to unauthorized access to systems and leakage of sensitive data, which could lead to serious legal and reputational consequences.
Recommendation
It is recommended to update to the latest version of fossar selfoss and implement appropriate security measures to mitigate the risk of unauthorized command execution.
Original NVD description (English source)
An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.

