CVE-2026-39054
HIGH NVDCVSS Score
7.3
Severity
HIGH
Source
NVD
Published
May 15, 2026
Description
Oinone Pamirs 7.0.0 contains a command injection vulnerability in CommandHelper.executeCommands. The method starts a shell process and writes attacker-controlled command strings directly to the process standard input without sanitization. In affected deployments, this can result in arbitrary operating system command execution.