Package impact
RUBYGEMS / openc3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42084 | high | 8.1 | 8.1 | 1mo ago | OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence | |||
| CVE-2026-42086 | medium | 4.6 | 4.6 | 1mo ago | OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender | |||
| CVE-2026-42085 | medium | 4.3 | 4.3 | 1mo ago | OpenC3 COSMOS allows arbitrary writes to plugins directory via path-traversed config filenames |