CVE Catalog

CVE-2026-6349

Critical
Published: Translated: NVD NIST

Summary

iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

Risk Assessment

This vulnerability poses a serious risk to system security, allowing attackers to gain control over the server.

Recommendation

It is recommended to update the iSherlock software to the latest version to mitigate this vulnerability and implement appropriate security measures.

Original NVD description (English source)

The  iSherlock developed by HGiga  has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS