CVE-2026-26009: CWE-78: Improper Neutralization of Special Elements used in an O CVE-2026-26009 is an OS command injection vulnerability categorized under CWE-78 affecting the karutoil catalyst platform, which is designed for enterprise game server hosting, game communities, and billing panel integrations. The root caus

CRITICAL: CVE-2026-26009 in karutoil catalyst (<11980aaf3f46315b02777f325ba02c56b110165d) enables cluster-wide root RCE via template perms. Patch now & restrict access! 🚨 radar.offseq.com/threat/cve-2026-26009-cw... #OffSeq #vuln #karutoil