Signal
Vulnerability in Control-M/Server for UNIX and Microsoft Windows: Unauthenticated remote command injection
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-07-01 22:21 UTCUpdated 2026-07-02 02:00 UTC
rss
securitymicrosoft_windows
Trend in the last 24h
Current brief openSource links open
This current signal is open on the public brief with summary, metadata, source links, and full evidence. Pro adds compare-over-time, alerts, exports, and workflow.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.3 top sources shown
Overview
Classification: Critical, Solution: Official Fix, Exploit Maturity: Not Defined, CVSSv3.1: 9.1, CVEs: CVE-2026-23537, Summary: A vulnerability has been identified in the Feast Feature Server’s `/save-document` endpoint that allows an unauthenticated remote attacker to write arbitrary JSON files to the server's...
Score total
1.05
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
All evidence
All evidence
Feast: unauthenticated arbitrary file write
NCSC-FI - Vulnerabilities · nvd.nist.gov · 2026-07-02 02:00 UTC
Vulnerability in Control-M/Server for UNIX and Microsoft Windows: Unauthenticated remote command injection
NCSC-FI - Vulnerabilities · bmcapps.my.site.com · 2026-07-02 02:00 UTC
Progress Kemp LoadMaster vulnerability actively exploited
SC Media · scworld.com · 2026-07-01 22:21 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 2Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
- NCSC-FI - Vulnerabilities (2)
- SC Media (1)
Top origin domains (this list)
- nvd.nist.gov (1)
- bmcapps.my.site.com (1)
- scworld.com (1)