Critical severity9.8NVD Advisory· Published May 8, 2026· Updated May 11, 2026

CVE-2026-8153

Description

OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.universal-robots.com/developer/communication-protocol/dashboard-server/nvd

News mentions

Universal Robots Polyscope 5
CISA Alerts

cvss	0.637
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000