CVE-2026-2449

Published: Apr 14, 2026 Last Modified: Apr 14, 2026

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,0

Source: 80f39f49-2521-4ee7-9e17-af5d55e8032f

Attack Vector: network

Attack Complexity: high

Privileges Required: low

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

Description

AI Translation Available

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0007

Percentile

0,2th

Updated

EPSS Score Trend (Last 2 Days)

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Integrity Availability Other

Potential Impacts:

Execute Unauthorized Code Or Commands Alter Execution Logic Read Application Data Modify Application Data

Applicable Platforms

Languages: Not Language-Specific, PHP

View CWE Details

https://support.upkeeper.se/hc/en-us/articles/2678342540444…

https://support.upkeeper.se/hc/en-us/articles/26783425404444-CVE-2026-2449-Impr…

CVE-2026-2449

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Common Consequences

Applicable Platforms

Iscriviti alla newsletter