CVE-2026-27975

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Ajenti versions prior to 2.2.13

Description Ajenti is a modular server admin panel for Linux and BSD. Before version 2.2.13, an unauthenticated user could gain access to a server and execute arbitrary code. The issue is resolved in version 2.2.13. The vulnerability allows for the execution of arbitrary code on the server.

Recommendations Update to version 2.2.13 or later.

Exploit

Fix

RCE

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2026-27975

GHSA-VCW3-R3FX-J444

Affected Products

Ajenti

CVE-2026-27975

Weakness Enumeration

Related Identifiers

Affected Products

References · 10