
Mageia 9 Cockpit Important Remote Command Exec Vuln 2026-0175

mageia
June 5, 2026
Critical security advisory for Mageia Cockpit to address remote execution risks and vulnerabilities in June 2026.
Security update

Summary

Description:

- CVE-2026-4631: Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit web service can craft a single HTTP request to the login endpoint that injects malicious SSH options or shell commands, achieving code execution on the Cockpit host without valid credentials. The injection occurs during the authentication flow before any credential verification takes place, meaning no login is required to exploit the vulnerability.

- CVE-2026-4800: lodash vulnerable to Code Injection via `_.template` imports key names.

- CVE-2026-4802: A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into thes...
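The class of flaw described for CVE-2026-4631 is closed by validating the hostname and username before they reach the SSH client and by never routing them through a shell. The sketch below is an added example, not Cockpit's code or its actual fix; the function names, the allowlist patterns and the sample inputs are assumptions made for illustration.

```python
import re

# Assumed policy (not taken from Cockpit): strict allowlists, so a value can
# never begin with "-" or carry whitespace, control or shell metacharacters.
_HOST_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.:-]{0,252}[A-Za-z0-9])?")
_USER_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_.-]{0,31}")


class RejectedInput(ValueError):
    """Raised when a login parameter fails validation."""


def check_host(host: str) -> str:
    # fullmatch() also rejects a trailing newline, unlike match() with "$".
    if not _HOST_RE.fullmatch(host):
        raise RejectedInput(f"invalid host: {host!r}")
    return host


def check_user(user: str) -> str:
    if not _USER_RE.fullmatch(user):
        raise RejectedInput(f"invalid user: {user!r}")
    return user


def build_ssh_argv(host: str, user: str) -> list[str]:
    """Build an argv list meant for subprocess.run(argv), i.e. no shell.

    "--" ends option parsing, so the destination is never read as an
    option even if validation were ever loosened (defence in depth).
    """
    return ["ssh", "-l", check_user(user), "--", check_host(host)]


# Constructed sample inputs: (host, user) pairs as a login form might send.
SAMPLES = [
    ("server1.example.org", "admin"),      # well-formed
    ("-oExampleOption=value", "admin"),    # host shaped like an option
    ("server1.example.org", "admin;x"),    # shell metacharacter in user
    ("host name", "admin"),                # whitespace in host
]


def classify(samples):
    """Return 'accepted' or 'rejected' for each (host, user) pair."""
    out = []
    for host, user in samples:
        try:
            build_ssh_argv(host, user)
            out.append("accepted")
        except RejectedInput:
            out.append("rejected")
    return out
```
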

References

- https://bugs.mageia.org/show_bug.cgi?id=35563

- https://www.openwall.com/lists/oss-security/2026/05/20/19

- https://github.com/cockpit-project/cockpit/releases/tag/339

- https://github.com/cockpit-project/cockpit/releases/tag/340

- https://github.com/cockpit-project/cockpit/releases/tag/341

- https://github.com/cockpit-project/cockpit/releases/tag/341.1

- https://github.com/cockpit-project/cockpit/releases/tag/342

- https://github.com/cockpit-project/cockpit/releases/tag/343

- https://github.com/cockpit-project/cockpit/releases/tag/344

- https://github.com/cockpit-project/cockpit/releases/tag/345

- https://github.com/cockpit-project/cockpit/releases/tag/346

- https://github.com/cockpit-project/cockpit/releases/tag/347

- https://github.com/cockpit-project/cockpit/releases/tag/348

- https://github.com/cockpit-project/cockpit/releases/tag/349

- https://github.com/cockpit-project/cockpit/releases/tag/350

- https://github.com/cockpit-project/cockpit/releases/tag/351

- https://github.com/cockpit-project/cockpit/releases/tag/352

- https://github.com/cockpit-project/cockpit/releases/tag/353

- https://github.com/cockpit-project/cockpit/releases/tag/353.1

- https://github.com/cockpit-project/cockpit/releases/tag/354

- https://github.com/cockpit-project/cockpit/releases/tag/355

- https://github.com/cockpit-project/cockpit/releases/tag/356

- https://github.com/cockpit-project/cockpit/releases/tag/356.1

- https://github.com/cockpit-project/cockpit/releases/tag/356.2

- https://github.com/advisories/GHSA-rq49-h582-83m7

- https://github.com/advisories/GHSA-r5fr-rjxr-66jc

- https://github.com/advisories/GHSA-3wjm-5g86-c6p3

- https://www.cve.org/CVERecord?id=CVE-2026-4802

- https://www.cve.org/CVERecord?id=CVE-2026-4631

- https://www.cve.org/CVERecord?id=CVE-2026-4800

Resolution


SRPMS

- 9/core/cockpit-356.2-1.mga9

Severity
important

Publication date: 05 Jun 2026 
URL: https://advisories.mageia.org/MGASA-2026-0175.html
Type: security
CVE: CVE-2026-4802, CVE-2026-4631, CVE-2026-4800
