CVE-2026-37281

Published: May 19, 2026

Modified: May 20, 2026

PUBLISHED

Description

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/hitarth-gg/zenshin

https://github.com/hitarth-gg/zenshin/commit/7d31c6edfbac978f0ad44c66d761bab9dcd2fa27

https://gist.github.com/MitruStefan/cf016709252aabbec7f95b7a70e0cfba

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-37281

Description

Affected Products

References