{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6349", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2026-04-15T11:32:29.759Z", "datePublished": "2026-04-16T02:24:45.258Z", "dateUpdated": "2026-04-24T07:23:51.324Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2026-04-24T07:23:51.324Z"}, "title": "HGiga\uff5ciSherlock - OS Command Injection", "datePublic": "2026-04-16T02:08:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "affected": [{"vendor": "HGiga", "product": "iSherlock-base-4.5", "versions": [{"status": "affected", "version": "0", "lessThan": "476", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-audit-4.5", "versions": [{"status": "affected", "version": "0", "lessThan": "261", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-base-5.5", "versions": [{"status": "affected", "version": "0", "lessThan": "476", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-audit-5.5", "versions": [{"status": "affected", "version": "0", "lessThan": "261", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The\u00a0\niSherlock developed by HGiga\u00a0 has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The&nbsp;\niSherlock developed by HGiga&nbsp; has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server."}]}], "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-10842-3f255-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-10841-4f504-2.html", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "CRITICAL", "baseScore": 9.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "CRITICAL", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Update iSherlock-base-4.5 package to version 476 or later\n\nUpdate iSherlock-audit-4.5 package to version 261 or later\n\nUpdate iSherlock-base-5.5 package to version 476 or later\n\nUpdate iSherlock-audit-5.5 package to version 261 or later", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Update iSherlock-base-4.5 package to version 476 or later\n<br>Update iSherlock-audit-4.5 package to version 261 or later\n<br>Update iSherlock-base-5.5 package to version 476 or later\n<br>Update iSherlock-audit-5.5 package to version 261 or later"}]}], "source": {"advisory": "TVN-202604002", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-16T13:41:41.769374Z", "id": "CVE-2026-6349", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:43:07.281Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6349", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-16T13:41:41.769374Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-16T13:43:02.940Z"}}], "cna": {"title": "HGiga\uff5ciSherlock - OS Command Injection", "source": {"advisory": "TVN-202604002", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "HGiga", "product": "iSherlock-base-4.5", "versions": [{"status": "affected", "version": "0", "lessThan": "476", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-audit-4.5", "versions": [{"status": "affected", "version": "0", "lessThan": "261", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-base-5.5", "versions": [{"status": "affected", "version": "0", "lessThan": "476", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "HGiga", "product": "iSherlock-audit-5.5", "versions": [{"status": "affected", "version": "0", "lessThan": "261", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update iSherlock-base-4.5 package to version 476 or later\n\nUpdate iSherlock-audit-4.5 package to version 261 or later\n\nUpdate iSherlock-base-5.5 package to version 476 or later\n\nUpdate iSherlock-audit-5.5 package to version 261 or later", "supportingMedia": [{"type": "text/html", "value": "Update iSherlock-base-4.5 package to version 476 or later\n<br>Update iSherlock-audit-4.5 package to version 261 or later\n<br>Update iSherlock-base-5.5 package to version 476 or later\n<br>Update iSherlock-audit-5.5 package to version 261 or later", "base64": false}]}], "datePublic": "2026-04-16T02:08:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-10842-3f255-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-10841-4f504-2.html", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "The\u00a0\niSherlock developed by HGiga\u00a0 has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.", "supportingMedia": [{"type": "text/html", "value": "The&nbsp;\niSherlock developed by HGiga&nbsp; has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper neutralization of special elements used in an OS command ('OS command injection')"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2026-04-24T07:23:51.324Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6349", "state": "PUBLISHED", "dateUpdated": "2026-04-24T07:23:51.324Z", "dateReserved": "2026-04-15T11:32:29.759Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2026-04-16T02:24:45.258Z", "assignerShortName": "twcert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The\u00a0\niSherlock developed by HGiga\u00a0 has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server."}], "id": "CVE-2026-6349", "lastModified": "2026-04-24T08:16:30.537", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2026-04-16T03:16:30.660", "references": [{"source": "twcert@cert.org.tw", "url": "https://www.twcert.org.tw/en/cp-139-10841-4f504-2.html"}, {"source": "twcert@cert.org.tw", "url": "https://www.twcert.org.tw/tw/cp-132-10842-3f255-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "twcert@cert.org.tw", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,261)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "iSherlock-audit-4.5", "source": "cna", "vendor": "HGiga"}, "product": "isherlock-audit", "vendor": "hgiga"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,476)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "manual", "scores": [{"score": 100.0, "source": "manual"}]}, "original": {"product": "iSherlock-base-4.5", "source": "cna", "vendor": "HGiga"}, "product": "isherlock-base", "vendor": "hgiga"}], "analysis": {"en": {"generated_at": "2026-04-28T16:23:14.444497+00:00", "value": {"mitigation_remediation": ["Update iSherlock\u2011base 4.5 to version 476 or later", "Update iSherlock\u2011audit 4.5 to version 261 or later", "Update iSherlock\u2011base 5.5 to version 476 or later", "Update iSherlock\u2011audit 5.5 to version 261 or later"], "summary": {"action": "Immediate Patch", "impact": "Command Injection"}, "threat_synthesis": {"affected_systems": "The affected products are HGiga iSherlock\u2011audit versions 4.5 and 5.5, and HGiga iSherlock\u2011base versions 4.5 and 5.5. Any installation of these versions is susceptible to the exploit and must be reviewed for a patch.", "description_and_impact": "The vulnerability is an OS Command Injection that allows unauthenticated local attackers to inject and execute arbitrary OS commands on the server. This flaw grants full control over the underlying operating system, compromising confidentiality, integrity, and availability. The weakness is identified as a classic OS command injection (CWE\u201178).", "risk_and_exploitability": "The CVSS score of 9.3 indicates a high severity level. The EPSS score of 2% shows a low but non-zero exploitation probability, and the vulnerability is not listed in the CISA KEV catalog, but the absence of listing does not diminish the risk. The flaw requires local, unauthenticated access; an attacker with such access can run arbitrary commands, effectively gaining full control of the affected system. Prompt remediation is essential to mitigate this critical risk."}}}}, "created": "2026-04-16T09:11:59.309726+00:00", "updated": "2026-04-28T16:30:35.098382+00:00", "vendors": ["hgiga", "hgiga$PRODUCT$isherlock-audit", "hgiga$PRODUCT$isherlock-base"]}