Skip to main content

Dockwatch

1 CVEs product

Monthly

CVE-2026-58455 CRITICAL Act Now

Unauthenticated OS command injection in Notifiarr Dockwatch through version 0.6.567 lets remote attackers run arbitrary shell commands on the host and achieve full compromise, since default deployments mount the Docker socket. The root cause is an Execution-After-Redirect flaw (CWE-698) where loader.php redirects unauthenticated users but fails to call exit(), allowing the attacker to seed the required session flag and then reach shell_exec() in ajax/compose.php with attacker-controlled input. The CVSS 4.0 base score is 9.2 (VC/VI/VA all High); there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though a vendor advisory and upstream fix exist.

Command Injection PHP Docker Dockwatch
NVD GitHub
CVSS 4.0
9.2
EPSS
1.2%
EPSS 1% CVSS 9.2
CRITICAL Act Now

Unauthenticated OS command injection in Notifiarr Dockwatch through version 0.6.567 lets remote attackers run arbitrary shell commands on the host and achieve full compromise, since default deployments mount the Docker socket. The root cause is an Execution-After-Redirect flaw (CWE-698) where loader.php redirects unauthenticated users but fails to call exit(), allowing the attacker to seed the required session flag and then reach shell_exec() in ajax/compose.php with attacker-controlled input. The CVSS 4.0 base score is 9.2 (VC/VI/VA all High); there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though a vendor advisory and upstream fix exist.

Command Injection PHP Docker +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy