Vulnerabilities3 min read
NewSoftOA Command Injection Lets Local Attackers Own Servers
CVE-2026-5965 in NewSoftOA enables unauthenticated OS command injection with CVSS 9.8. Local attackers can execute arbitrary commands and fully compromise systems.
Marcus ChenApr 21, 2026