{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/foreman/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["critical"],"_cs_tags":["command-injection","rce","foreman"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eCVE-2026-1961 identifies a critical command injection vulnerability within the Foreman application, specifically affecting the WebSocket proxy implementation. This flaw stems from the use of unsanitized hostname values obtained from compute resource providers during the construction of shell commands. An attacker who controls a malicious compute resource server can exploit this vulnerability to execute arbitrary code on the Foreman server. This is achieved when a user interacts with the VM VNC…\u003c/p\u003e\n","date_modified":"2026-03-26T13:16:27Z","date_published":"2026-03-26T13:16:27Z","id":"/briefs/2026-03-foreman-rce/","summary":"A command injection vulnerability exists in Foreman's WebSocket proxy, enabling remote code execution on the Foreman server via a malicious compute resource server when a user accesses VM VNC console functionality.","title":"Foreman WebSocket Proxy Command Injection Vulnerability (CVE-2026-1961)","url":"https://feed.craftedsignal.io/briefs/2026-03-foreman-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Foreman","version":"https://jsonfeed.org/version/1.1"}