THREATOPS
THREAT OPSThreat News › [GHSA] GHSA-9jpv-c7p4-997x (critical) — DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input

[GHSA] GHSA-9jpv-c7p4-997x (critical) — DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input

highgithub_advisoriesPublished 2026-07-13

GHSA-9jpv-c7p4-997x Severity: critical CVE: CVE-2026-45579

DIRAC is vulnerable to RCE in RequestManager due to eval on untrusted input

### Summary An remote code execution vulnerability exists in RequestManager due to the use of eval on untrusted input that allows any authenticated user to run code/commands on the DIRAC server as the system user running the DIRAC services.

### Details The expor

Indicators of compromise

Original source: https://github.com/advisories/GHSA-9jpv-c7p4-997x