VYPR

Go modules package

github.com/jmpsec/osctrl

pkg:golang/github.com/jmpsec/osctrl

Vulnerabilities (2)

  • CVE-2026-28280Feb 26, 2026
    affected < 0.5.0fixed 0.5.0

    osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the `osctrl-admin` on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-de

  • CVE-2026-28279Feb 26, 2026
    affected < 0.5.0fixed 0.5.0

    osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the `osctrl-admin` environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing e