Remote Command Execution via Unsanitized UI Parameters in Cockpit
CVE-2026-4802 Published on May 11, 2026
Cockpit: arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these parameters, leading to the execution of arbitrary shell commands on the affected system. This could result in a complete system compromise.
Vulnerability Analysis
CVE-2026-4802 is exploitable with network access, requires user interaction, and needs only low user privileges. Its attack complexity is rated low, and the potential impact of a successful exploit is rated very high.
Timeline
Reported to Red Hat.
Made public 47 days later.
Weakness Type
What is a Shell injection Vulnerability?
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
CVE-2026-4802 has been classified as a shell injection (OS command injection) vulnerability or weakness.
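The weakness described above is the difference between concatenating link parameters into a command line and passing them as discrete arguments. The following is an added illustration written for this page, not Cockpit's own code; the parameter names (priority, unit, grep) and the link shape are assumptions.

```javascript
// Added illustration, not Cockpit's own code: validating parameters taken from a
// link and passing them to a log query as discrete argv entries, never as a shell string.
// Parameter names (priority, unit, grep) and the URL shape are assumptions for this example.

const PRIORITIES = new Set(["0", "1", "2", "3", "4", "5", "6", "7",
  "emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]);
const UNIT_RE = /^[A-Za-z0-9_.@:-]+\.(service|socket|timer|mount|target|slice|path)$/;
const GREP_RE = /^[\x20-\x7e]{1,256}$/;  // printable ASCII only, bounded length

// Parse the query part of a link fragment such as "#/?priority=err&unit=sshd.service".
function parseLinkParams(fragment) {
  const query = fragment.includes("?") ? fragment.slice(fragment.indexOf("?") + 1) : "";
  return Object.fromEntries(new URLSearchParams(query));
}

// UNSAFE pattern: raw values concatenated into one command line for a shell.
// A constructed value such as "sshd.service; true" is no longer data but an extra command.
function buildShellCommandUnsafe(p) {
  return `journalctl -p ${p.priority} -u ${p.unit} -g "${p.grep}"`;
}

// Hardened: allow-list each value, then emit an execve-style argv array whose elements
// are handed to the process individually (the shape an API like cockpit.spawn() takes).
// The "--option=value" form also keeps a value starting with "-" from being read as a flag.
function buildJournalArgs(p) {
  const argv = ["journalctl", "--output=json", "--no-pager"];
  if (p.priority !== undefined) {
    if (!PRIORITIES.has(p.priority)) throw new Error("invalid priority");
    argv.push(`--priority=${p.priority}`);
  }
  if (p.unit !== undefined) {
    if (!UNIT_RE.test(p.unit)) throw new Error("invalid unit name");
    argv.push(`--unit=${p.unit}`);
  }
  if (p.grep !== undefined) {
    // As a discrete argv element, ";" or "$(" are plain characters to journalctl's
    // regex engine; only length and control characters need bounding here.
    if (!GREP_RE.test(p.grep)) throw new Error("invalid grep pattern");
    argv.push(`--grep=${p.grep}`);
  }
  return argv;
}
```

The point to take from the contrast is that the fix is not a blocklist of shell characters but never involving a shell in the first place, with allow-listing as defence in depth.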
Products Associated with CVE-2026-4802
Affected Versions
Red Hat Enterprise Linux 10:
- Version 0:356.2-1.el10_2 and below * is unaffected.
- Version 0:334.2-1.el10_0 and below * is unaffected.
- Version 0:310.8-1.el8_10 and below * is unaffected.
- Version 0:264.3-1.el8_6 and below * is unaffected.
- Version 0:286.2-1.el8_8 and below * is unaffected.
- Version 0:356.2-1.el9_8 and below * is unaffected.
- Version 0:264.3-1.el9_0 and below * is unaffected.
- Version 0:286.3-1.el9_2 and below * is unaffected.
- Version 0:311.3-1.el9_4 and below * is unaffected.
- Version 0:334.3-1.el9_6 and below * is unaffected.