Package impact
RubyGems / openc3
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42087 | critical | 9.6 | 9.6 | 1mo ago | OpenC3 COSMOS has SQL Injection in QuestDB Time-Series Database | |||
| CVE-2026-42086 | medium | 4.6 | 4.6 | 1mo ago | OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender | |||
| CVE-2026-42085 | medium | 4.3 | 4.3 | 1mo ago | OpenC3 COSMOS allows arbitrary writes to plugins directory via path-traversed config filenames |