CVE-2026-7058 | 666ghj MiroFish up to 0.1.2 Inter-Process Communication simulation_ipc.py SimulationIPCClient.send_command command injection (Issue 488)

A vulnerability described as critical has been identified in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send_command of the file backend/app/services/simulation_ipc.py of the component Inter-Process Communication. Such manipulation leads to command injection.

This vulnerability is referenced as CVE-2026-7058. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More