CVE-2026-8654_CVE-2026-8654

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.

AI Analysis

Authenticated OS command injection in Delphix Continuous Data connectors

Basic Information

ID CVE-2026-8654

Source Perforce

Published May 15, 2026 at 05:59

Modified May 15, 2026 at 06:14

Affected Product

Vendor Delphix Continuous data

Product IBM Db2 Connector

Affected Versions Delphix Continuous data IBM Db2 Connector 0
Delphix Continuous data MangoDB Connector 0
Delphix Continuous data PostgreSQL Connector 0
Delphix Continuous data MySQL Connector 0
Delphix Continuous data Oracle EBS Connector 0
Delphix Continuous data SAP HANA Connector 0
Delphix Continuous data CockroachDB Connector 0
Delphix Continuous data Couchbase Connector 0
Delphix Continuous data Cassandra Connector 0
Delphix Continuous data YugabyteDB Connector 0
Delphix Continuous data MSSQL on Linux Connector 0
Delphix Continuous data Oracle Backup Ingestion Connector 0

CWE Classification

CWE-78

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Delphix

Product Delphix Continuous Data connectors

References

portal.perforce.com /s/cve/a91Qi000002z78HIAQ/authenticated-os-command-injection-in-delphix-continuous-data-connectors

{
    "lastseen": "",
    "description": "Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.",
    "published": "2026-05-15T05:59:25.449Z",
    "modified": "2026-05-15T06:14:00.862Z",
    "type": "cve",
    "title": "CVE-2026-8654",
    "source": "Perforce",
    "references": "https://portal.perforce.com/s/cve/a91Qi000002z78HIAQ/authenticated-os-command-injection-in-delphix-continuous-data-connectors",
    "id": "CVE-2026-8654",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "Delphix Continuous data IBM Db2 Connector 0\nDelphix Continuous data MangoDB Connector 0\nDelphix Continuous data PostgreSQL Connector 0\nDelphix Continuous data MySQL Connector 0\nDelphix Continuous data Oracle EBS Connector 0\nDelphix Continuous data SAP HANA Connector 0\nDelphix Continuous data CockroachDB Connector 0\nDelphix Continuous data Couchbase Connector 0\nDelphix Continuous data Cassandra Connector 0\nDelphix Continuous data YugabyteDB Connector 0\nDelphix Continuous data MSSQL on Linux Connector 0\nDelphix Continuous data Oracle Backup Ingestion Connector 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "IBM Db2 Connector",
    "version": "0",
    "vendor": "Delphix Continuous data",
    "ai_description": "Authenticated OS command injection in Delphix Continuous Data connectors",
    "ai_severity": "High",
    "ai_vendor": "Delphix",
    "ai_product": "Delphix Continuous Data connectors",
    "ai_version": "0",
    "ai_score": 8.7
}