Cockpit

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-6626 MEDIUM POC This Month

NoSQL injection in Cockpit-HQ Cockpit up to version 2.13.5 allows authenticated remote attackers to manipulate data query logic through the Asset Handler or Aggregate Handler components, resulting in information disclosure with limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

Nosql Injection Information Disclosure Cockpit

NVD VulDB GitHub

CVSS 4.0

5.3

EPSS

0.1%

CVE-2026-6626

EPSS 0% CVSS 5.3

MEDIUM POC This Month

NoSQL injection in Cockpit-HQ Cockpit up to version 2.13.5 allows authenticated remote attackers to manipulate data query logic through the Asset Handler or Aggregate Handler components, resulting in information disclosure with limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, and the vendor has not responded to early disclosure notification.

Nosql Injection Information Disclosure Cockpit

NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy