CVE-2026-59721 | Hoppscotch up to 2026.5.x Infra admin/infra.resolver.ts updateInfraConfigs MAILER_SMTP_URL os command injection

SecurityVulns

A vulnerability labeled as very critical has been found in Hoppscotch up to 2026.5.x. This impacts the function updateInfraConfigs of the file admin/infra.resolver.ts of the component Infra. Executing a manipulation of the argument MAILER_SMTP_URL can lead to os command injection.

The identification of this vulnerability is CVE-2026-59721. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More