CVE-2026-50872 | THREATINT

Description

An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request.

PUBLISHED Reserved 2026-06-07 | Published 2026-06-15 | Updated 2026-06-16 | Assigner mitre

References

gist.github.com/pyuysig/272bf96c028ed45ad010b7c75937c914 exploit

gist.github.com/pyuysig/272bf96c028ed45ad010b7c75937c914

cve.org (CVE-2026-50872)

nvd.nist.gov (CVE-2026-50872)

Download JSON