CVE-2026-42087 | OpenC3 cosmos up to 7.0.0-rc2 cvt_model.rb tsdb_lookup sql injection (GHSA-v529-vhwc-wfc5)

A vulnerability described as critical has been identified in OpenC3 cosmos up to 7.0.0-rc2. This affects the function tsdb_lookup of the file cvt_model.rb. The manipulation results in sql injection.

This vulnerability is cataloged as CVE-2026-42087. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More