{"id":54787,"date":"2026-05-15T02:34:55","date_gmt":"2026-05-15T02:34:55","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=54787"},"modified":"2026-05-15T02:34:55","modified_gmt":"2026-05-15T02:34:55","slug":"cve-2026-8654","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=54787","title":{"rendered":"CVE-2026-8654_CVE-2026-8654"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.&#8221;,&#8221;published&#8221;:&#8221;2026-05-15T05:59:25.449Z&#8221;,&#8221;modified&#8221;:&#8221;2026-05-15T06:14:00.862Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;source&#8221;:&#8221;Perforce&#8221;,&#8221;references&#8221;:&#8221;https:\/\/portal.perforce.com\/s\/cve\/a91Qi000002z78HIAQ\/authenticated-os-command-injection-in-delphix-continuous-data-connectors&#8221;,&#8221;id&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-78&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Delphix Continuous data IBM Db2 Connector 0\\nDelphix Continuous data MangoDB Connector 0\\nDelphix Continuous data PostgreSQL Connector 0\\nDelphix Continuous data MySQL Connector 0\\nDelphix Continuous data Oracle EBS Connector 0\\nDelphix Continuous data SAP HANA Connector 0\\nDelphix Continuous data CockroachDB Connector 0\\nDelphix Continuous data Couchbase Connector 0\\nDelphix Continuous data Cassandra Connector 0\\nDelphix Continuous data YugabyteDB Connector 0\\nDelphix Continuous data MSSQL on Linux Connector 0\\nDelphix Continuous data Oracle Backup Ingestion Connector 0&#8243;,&#8221;sourceHref&#8221;:&#8221;&#8221;,&#8221;cvss&#8221;:{&#8220;score&#8221;:8.7,&#8221;severity&#8221;:&#8221;HIGH&#8221;,&#8221;vector&#8221;:&#8221;CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:N\/VC:H\/VI:H\/VA:H\/SC:N\/SI:N\/SA:N&#8221;,&#8221;version&#8221;:&#8221;4.0&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;&#8221;,&#8221;category_name&#8221;:&#8221;CVE&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;IBM Db2 Connector&#8221;,&#8221;version&#8221;:&#8221;0&#8243;,&#8221;vendor&#8221;:&#8221;Delphix Continuous data&#8221;,&#8221;ai_description&#8221;:&#8221;Authenticated OS command injection in Delphix Continuous Data connectors&#8221;,&#8221;ai_severity&#8221;:&#8221;High&#8221;,&#8221;ai_vendor&#8221;:&#8221;Delphix&#8221;,&#8221;ai_product&#8221;:&#8221;Delphix Continuous Data connectors&#8221;,&#8221;ai_version&#8221;:&#8221;0&#8243;,&#8221;ai_score&#8221;:8.7}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.&#8221;,&#8221;published&#8221;:&#8221;2026-05-15T05:59:25.449Z&#8221;,&#8221;modified&#8221;:&#8221;2026-05-15T06:14:00.862Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;source&#8221;:&#8221;Perforce&#8221;,&#8221;references&#8221;:&#8221;https:\/\/portal.perforce.com\/s\/cve\/a91Qi000002z78HIAQ\/authenticated-os-command-injection-in-delphix-continuous-data-connectors&#8221;,&#8221;id&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-78&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Delphix Continuous&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,19,12,15,13,7,11,5],"class_list":["post-54787","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-87","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CVE-2026-8654_CVE-2026-8654 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=54787\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2026-8654_CVE-2026-8654 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.&#8221;,&#8221;published&#8221;:&#8221;2026-05-15T05:59:25.449Z&#8221;,&#8221;modified&#8221;:&#8221;2026-05-15T06:14:00.862Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;source&#8221;:&#8221;Perforce&#8221;,&#8221;references&#8221;:&#8221;https:\/\/portal.perforce.com\/s\/cve\/a91Qi000002z78HIAQ\/authenticated-os-command-injection-in-delphix-continuous-data-connectors&#8221;,&#8221;id&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-78&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Delphix Continuous...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=54787\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-15T02:34:55+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"CVE-2026-8654_CVE-2026-8654\",\"datePublished\":\"2026-05-15T02:34:55+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787\"},\"wordCount\":234,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-8.7\",\"exploit\",\"HIGH\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=54787#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787\",\"name\":\"CVE-2026-8654_CVE-2026-8654 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-05-15T02:34:55+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=54787\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=54787#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2026-8654_CVE-2026-8654\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2026-8654_CVE-2026-8654 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=54787","og_locale":"en_US","og_type":"article","og_title":"CVE-2026-8654_CVE-2026-8654 - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;&#8221;,&#8221;description&#8221;:&#8221;Improper input validation in Delphix Continuous Data connectors allows an authenticated user to execute arbitrary operating system commands on the staging or target host.&#8221;,&#8221;published&#8221;:&#8221;2026-05-15T05:59:25.449Z&#8221;,&#8221;modified&#8221;:&#8221;2026-05-15T06:14:00.862Z&#8221;,&#8221;type&#8221;:&#8221;cve&#8221;,&#8221;title&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;source&#8221;:&#8221;Perforce&#8221;,&#8221;references&#8221;:&#8221;https:\/\/portal.perforce.com\/s\/cve\/a91Qi000002z78HIAQ\/authenticated-os-command-injection-in-delphix-continuous-data-connectors&#8221;,&#8221;id&#8221;:&#8221;CVE-2026-8654&#8243;,&#8221;bulletinFamily&#8221;:&#8221;&#8221;,&#8221;cwe&#8221;:[&#8220;CWE-78&#8243;],&#8221;cvelist&#8221;:null,&#8221;sourceData&#8221;:&#8221;Delphix Continuous...","og_url":"https:\/\/zero.redgem.net\/?p=54787","og_site_name":"zero redgem","article_published_time":"2026-05-15T02:34:55+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=54787#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=54787"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"CVE-2026-8654_CVE-2026-8654","datePublished":"2026-05-15T02:34:55+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=54787"},"wordCount":234,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-8.7","exploit","HIGH","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=54787#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=54787","url":"https:\/\/zero.redgem.net\/?p=54787","name":"CVE-2026-8654_CVE-2026-8654 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-05-15T02:34:55+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=54787#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=54787"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=54787#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"CVE-2026-8654_CVE-2026-8654"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/54787","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=54787"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/54787\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=54787"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=54787"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=54787"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}