CVE-2025-66644 | Array ArrayOS AG up to 9.4.5.9 os command injection

December 6, 2025 Yanac

A vulnerability, which was classified as critical, was found in Array ArrayOS AG up to 9.4.5.9. The affected element is an unknown function. The manipulation results in os command injection.

This vulnerability is known as CVE-2025-66644. It is possible to launch the attack remotely. Furthermore, an exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More

CVE-2025-34257 | Advantech WISE-DeviceOn Server up to 5.3 /rmm/v1/action/defined defined_name cross site scripting
CVE-2025-66556 | Nextcloud Talk up to 20.1.7/21.1.1 Conversation authorization (GHSA-pr9f-vqgg-m2jh)