CVE-2025-9176

Name of the Vulnerable Software and Affected Versions: neurobin shc versions through 4.0.3

Description: A security flaw has been discovered in neurobin shc up to version 4.0.3. The make function within the src/shc.c file of the Environment Variable Handler component is affected. Manipulation of this function results in operating system command injection. The attack is only possible with local access. The exploit has been released publicly and may be exploited.

Recommendations: For versions through 4.0.3, consider disabling or restricting the use of the make function within the Environment Variable Handler component as a temporary workaround until a patch is available.