CVE-2026-5463: pymetasploit3 Command Injection (HIGH)
Plattform
python
Komponente
pymetasploit3
CVE-2026-5463 is a command injection vulnerability in pymetasploit3 through version 1.0.6. Attackers can inject newline characters into module options such as RHOSTS, breaking the intended command structure and causing the Metasploit console to execute additional unintended commands. This can lead to arbitrary command execution and manipulation of Metasploit sessions. There is currently no official patch available.
So beheben
Kein offizieller Patch verfügbar. Prüfe auf Workarounds oder überwache auf Updates.
Häufig gestellte Fragen
What is CVE-2026-5463?
CVE-2026-5463 is a command injection vulnerability in pymetasploit3 that allows attackers to execute arbitrary commands.
Am I affected by CVE-2026-5463?
You are affected if you are using pymetasploit3 version 1.0.6 or earlier.
How do I fix CVE-2026-5463?
No official patch is currently available. Monitor for updates and consider implementing input validation as a temporary mitigation.
Abhängigkeiten automatisch überwachen
Werde benachrichtigt, wenn neue Schwachstellen deine Projekte betreffen. Für immer kostenlos.
Kostenlos starten