CVE-2026-27613 | maximmasiutin TinyWeb up to 2.0 on Win32 php-cgi.exe os command injection (GHSA-rfx5-fh9m-9jj9)

A vulnerability was found in maximmasiutin TinyWeb up to 2.0 on Win32. It has been rated as critical. Affected is an unknown function of the file php-cgi.exe. Performing a manipulation results in os command injection.

This vulnerability is reported as CVE-2026-27613. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More