CVE-2026-58455

Source
https://cve.org/CVERecord?id=CVE-2026-58455
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-58455.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-58455
Published
2026-07-02T15:12:10.383Z
Modified
2026-07-08T08:13:42.591199723Z
Severity
  • 9.2 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Dockwatch 0.6.567 Unauthenticated OS Command Injection via ajax/compose.php
Details

Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit() after an authentication redirect in loader.php combined with unsanitized input passed to shell_exec() in ajax/compose.php. Attackers can seed the required session flag through the incomplete auth check, then inject arbitrary commands via the composePath POST parameter in the composePull action to achieve full host compromise, facilitated by the standard deployment mounting of the Docker socket.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/58xxx/CVE-2026-58455.json",
    "cna_assigner": "VulnCheck",
    "cwe_ids": [
        "CWE-698",
        "CWE-78"
    ]
}
References

Affected packages

Git / github.com/notifiarr/dockwatch

Affected ranges

Type
GIT
Repo
https://github.com/notifiarr/dockwatch
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.6.567"
        },
        {
            "fixed": "0.6.567"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "DESCRIPTION"
    ]
}

Affected versions

Other
migration-001
migration-002
migration-003
migration-004
migration-005
migration-006
migration-007
migration-008
migration-009
migration-010
migration-011
migration-012
migration-013
migration-014
migration-015
migration-016
migration-017
migration-018
migration-019
migration-020
migration-021
migration-022
v0.*
v0.5.346
v0.5.349
v0.5.350
v0.6.381
v0.6.384
v0.6.403
v0.6.407
v0.6.444
v0.6.457
v0.6.469
v0.6.494
v0.6.517
v0.6.534

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-58455.json"