Home / Vulnerability Intelligence / CVE-2026-0980

CVE-2026-0980 - Vulnerability Analysis

HighCVSS: 8.3

Last Updated: February 27, 2026

Red Hat Satellite rubyipmi - Remote Code Execution

Published: February 27, 2026Updated: February 27, 2026Remote Exploitable

Overview

Red Hat Satellite rubyipmi gem contains a remote code execution caused by crafted malicious username in BMC interface, letting authenticated attackers with host creation or update permissions execute code remotely, exploit requires specific permissions.

Severity & Score

Severity: High

CVSS Score: 8.3

EPSS Score: 21.7%(Probability of exploitation in next 30 days)

Impact

Authenticated attackers with host creation or update permissions can execute arbitrary code remotely, potentially compromising the system.

Mitigation

Update rubyipmi gem to the latest version.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Feb 28, 2026

🟠 CVE-2026-0980 - High (8.3) A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0980/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-0980
Severity: High
CVSS Score: 8.3
Type: remote_code_execution
Status: unconfirmed
EPSS: 21.7%
Social Posts: 1

CWE

CWE-78

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

EPSS Score

21.7%Probability of exploitation in the next 30 days