Mmahrous

mmahrous

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Thumbler

thumbler

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-26833 1Mmahrous 1Thumbler Mar 30, 2026 Mar 25, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail() function because user input is concatenated into a shell command string passed to child_process.exec()...Show more thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail() function because user input is concatenated into a shell command string passed to child_process.exec() without proper sanitization or escaping.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2026-26833

1Mmahrous

1Thumbler

Mar 30, 2026

Mar 25, 2026

N/A· v4

9.8 CRITICAL· v3

N/A· v2

thumbler through 1.1.2 allows OS command injection via the input, output, time, or size parameter in the thumbnail() function because user input is concatenated into a shell command string passed to child_process.exec()...Show more