CVE-2026-34965 | Cockpit CMS PHP File save_collection include collection rules code injection (494765e)

A vulnerability was found in Cockpit CMS. It has been declared as critical. This impacts the function include of the file /cockpit/collections/save_collection of the component PHP File Handler. Executing a manipulation of the argument collection rules can lead to code injection.

This vulnerability is handled as CVE-2026-34965. The attack can be executed remotely. There is not any exploit available.

A patch should be applied to remediate this issue.VulDB Recent EntriesRead More