Critical Alert 1 Active Exploit Detected Today

CVE-2026-45659 Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower


← Back to CVE List

CVE-2026-56415NVD

Vulnerability Summary

Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization, resulting in arbitrary command execution with root-level privileges on the underlying system.
Severity Level
CRITICAL(10.0)
Published Date
Jun 30, 2026
Last Modified
Jul 1, 2026
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
3.07%Probability
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh