CVE-2026-41179 | Rclone up to 1.73.4 RC Endpoint operations/fsinfo bearer_token_command os command injection (GHSA-jfwf-28xr-xw6q)

A vulnerability identified as critical has been detected in Rclone up to 1.73.4. This affects the function bearer_token_command of the file operations/fsinfo of the component RC Endpoint. The manipulation leads to os command injection.

This vulnerability is documented as CVE-2026-41179. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More