https://feed.craftedsignal.io/tags/foreman/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioThu, 26 Mar 2026 13:16:27 +0000https://feed.craftedsignal.io/briefs/2026-03-foreman-rce/Thu, 26 Mar 2026 13:16:27 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-foreman-rce/A command injection vulnerability exists in Foreman's WebSocket proxy, enabling remote code execution on the Foreman server via a malicious compute resource server when a user accesses VM VNC console functionality.<p>CVE-2026-1961 identifies a critical command injection vulnerability within the Foreman application, specifically affecting the WebSocket proxy implementation. This flaw stems from the use of unsanitized hostname values obtained from compute resource providers during the construction of shell commands. An attacker who controls a malicious compute resource server can exploit this vulnerability to execute arbitrary code on the Foreman server. This is achieved when a user interacts with the VM VNC…</p> criticaladvisorycommand-injectionrceforeman