Critical severity9.8NVD Advisory· Published May 19, 2026· Updated May 20, 2026
CVE-2026-37281
CVE-2026-37281
Description
An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.7.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.