OpenBullet2 0.3.2 Authenticated RCE via Job Configuration Interface_CVE-2026-25856

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C# code on the server host by creating or modifying job configurations. Attackers can leverage the plain C# execution mode, which lacks reference filtering or API restrictions, to access the file system, spawn processes, and invoke arbitrary .NET APIs as the process user.

AI Analysis

Authenticated remote code execution vulnerability in OpenBullet2 via job configuration interface

Basic Information

ID CVE-2026-25856

Source VulnCheck

Published Jun 8, 2026 at 16:50

Affected Product

Vendor openbullet

Product openbullet2

Affected Versions openbullet openbullet2 0

CWE Classification

CWE-94

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor OpenBullet

Product OpenBullet2

Version 0.3.2

References

{
    "lastseen": "",
    "description": "OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C# code on the server host by creating or modifying job configurations. Attackers can leverage the plain C# execution mode, which lacks reference filtering or API restrictions, to access the file system, spawn processes, and invoke arbitrary .NET APIs as the process user.",
    "published": "2026-06-08T16:50:42.870Z",
    "modified": "2026-06-08T16:50:42.870Z",
    "type": "cve",
    "title": "OpenBullet2 0.3.2 Authenticated RCE via Job Configuration Interface",
    "source": "VulnCheck",
    "references": "https://hackernoon.com/one-empty-header-to-admin-how-an-auth-bypass-breaks-openbullet2\nhttps://www.vulncheck.com/advisories/openbullet2-authenticated-rce-via-job-configuration-interface",
    "id": "CVE-2026-25856",
    "bulletinFamily": "",
    "cwe": [
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "openbullet openbullet2 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "openbullet2",
    "version": "0",
    "vendor": "openbullet",
    "ai_description": "Authenticated remote code execution vulnerability in OpenBullet2 via job configuration interface",
    "ai_severity": "High",
    "ai_vendor": "OpenBullet",
    "ai_product": "OpenBullet2",
    "ai_version": "0.3.2",
    "ai_score": 8.7
}