EXECUTIVE SUMMARY:
CVE-2026-44724 with a CVSS score of 7.8 is a high-severity vulnerability in systeminformation affecting versions 4.17.0 through 5.31.5. The vulnerability occurs due to a Linux command injection in the networkInterfaces() function when an active NetworkManager connection profile name contains shell metacharacters. An attacker who can create or rename an active NetworkManager connection profile can execute arbitrary shell commands when a Node.js process using systeminformation calls networkInterfaces(). This results in the injected command executing with elevated privileges if the calling process runs with elevated access. The impact is significant, as confirmed affected deployments include local inventory agents, monitoring agents, diagnostics tools, and admin dashboard backends, potentially leading to unauthorized access, data theft, or system compromise. To exploit this vulnerability, an attacker requires access to the system and the ability to create or rename an active NetworkManager connection profile, making it a critical issue for organizations utilizing systeminformation with elevated privileges.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
CVE-2026-44724 with a CVSS score of 7.8 is a high-severity vulnerability in systeminformation affecting versions 4.17.0 through 5.31.5. The vulnerability occurs due to a Linux command injection in the networkInterfaces() function when an active NetworkManager connection profile name contains shell metacharacters. An attacker who can create or rename an active NetworkManager connection profile can execute arbitrary shell commands when a Node.js process using systeminformation calls networkInterfaces(). This results in the injected command executing with elevated privileges if the calling process runs with elevated access. The impact is significant, as confirmed affected deployments include local inventory agents, monitoring agents, diagnostics tools, and admin dashboard backends, potentially leading to unauthorized access, data theft, or system compromise. To exploit this vulnerability, an attacker requires access to the system and the ability to create or rename an active NetworkManager connection profile, making it a critical issue for organizations utilizing systeminformation with elevated privileges.[emaillocker id="1283"]
RECOMMENDATION:
We recommend you to update systeminformation to version 5.31.6.
REFERENCES:
The following reports contain further technical details:
https://github.com/advisories/GHSA-hvx9-hwr7-wjj9