CVE-2026-5965

· NIST NVD ↗

NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

CRITICAL
CVSS severity
9.8
CVSS base score
2026-04-21
Published

CWE codes

CWE-78

Sources