Tag

Foreman

1 brief RSS

Foreman WebSocket Proxy Command Injection Vulnerability (CVE-2026-1961)

A command injection vulnerability exists in Foreman's WebSocket proxy, enabling remote code execution on the Foreman server via a malicious compute resource server when a user accesses VM VNC console functionality.

command-injection rce foreman

2r 1t Mar 26, 2026