VIR Vulnerability Intelligence Relay

Package impact

ruby RUBYGEMS / openc3

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-42087 critical 9.6 9.6 1mo ago OpenC3 COSMOS has SQL Injection in QuestDB Time-Series Database
CVE-2026-42084 high 8.1 8.1 1mo ago OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence
CVE-2026-42086 medium 4.6 4.6 1mo ago OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0, the Command Sender UI uses an unsafe eval() function on…
CVE-2026-42085 medium 4.3 4.3 1mo ago OpenC3 COSMOS allows arbitrary writes to plugins directory via path-traversed config filenames