CVE Catalog
CVE-2026-5965
CriticalSummary
A new vulnerability in NewSoftOA allows unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
Risk Assessment
Attackers can exploit this vulnerability to gain control over the server, posing a serious threat to the security of the organization's data and systems.
Recommendation
It is recommended to update NewSoftOA to the latest version and implement appropriate security measures to restrict access to the server.
Original NVD description (English source)
NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

