PT-2026-55256 · Opensuse · Urild Service
Maxime Rinaudo
·
Published
2026-07-02
·
Updated
2026-07-02
·
CVE-2026-56004
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
A shellcode injection in the mercurial handler of the obs tar scm source service before version 0.12.4 could be used by attackers able to provide a service file to execute code as the source service or the local user checking out the malicious services
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Urild Service