Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
Stabilizer Repository: Untrusted Data Injects Commands on System
CVE-2025-52365
Summary
A security risk exists in the Stabilizer repository's szc script. Attackers could potentially inject malicious system commands by manipulating user input. To protect your system, update the Stabilizer repository to the latest version, and ensure you're using the most recent security patches.
Original title
A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system commands via unsanitized user input passed to os.sys...
Original description
A command injection vulnerability in the szc script of the ccurtsinger/stabilizer repository allows remote attackers to execute arbitrary system commands via unsanitized user input passed to os.system(). The vulnerability arises from improper input handling where command-line arguments are directly concatenated into shell commands without validation
nvd CVSS3.1
7.8
Vulnerability type
CWE-77
Command Injection
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026