CVE-2026-3066 | HummerRisk up to 1.5.0 Cloud Compliance Scanning PlatformUtils.java fixedCommand command injection

A vulnerability was found in HummerRisk up to 1.5.0. It has been declared as critical. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation can lead to command injection.

This vulnerability is handled as CVE-2026-3066. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More