Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-2fwj-hx42-c3bm
SummaryImproper neutralization of argument delimiters in a command ('argument injection') vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Hijacking a Privileged Thread of Execution.This issue affects upKeeper Instant Privilege Access: through 1.5.0.
Aliases
0
alias CVE-2026-2449
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-2449
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25656
published_at 2026-06-11T12:55:00Z
1
value 0.00091
scoring_system epss
scoring_elements 0.25855
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-2449
1
reference_url https://support.upkeeper.se/hc/en-us/articles/26783425404444-CVE-2026-2449-Improper-neutralization-of-argument-delimiters-in-a-command
reference_id 26783425404444-CVE-2026-2449-Improper-neutralization-of-argument-delimiters-in-a-command
reference_type
scores
0
value 9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-14T13:02:37Z/
url https://support.upkeeper.se/hc/en-us/articles/26783425404444-CVE-2026-2449-Improper-neutralization-of-argument-delimiters-in-a-command
Weaknesses
0
cwe_id 88
name Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
description The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.
Exploits
Severity_range_score9.0 - 9.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-2fwj-hx42-c3bm