CVE-2026-28207 | z-libs Zen-C up to 0.4.1 system os command injection (GHSA-9rff-x96h-76h2)

February 27, 2026 Yanac

A vulnerability identified as critical has been detected in z-libs Zen-C up to 0.4.1. Affected is the function system. Performing a manipulation results in os command injection.

This vulnerability is known as CVE-2026-28207. Attacking locally is a requirement. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-28217 | hoppscotch 2023.4.5/2023.12.6 userCollection data authorization (GHSA-m5pg-r4jp-qq75)
CVE-2026-28211 | CyrilleB79 NVDA-Dev-Test-Toolbox up to 8.x Log Reader data query logic injection (GHSA-39pg-6xpm-mjgf)