CVE-2026-8153CRITICAL 9.8EPSS p76.1%

CVE-2026-8153CVE-2026-8153

Description

OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.25.1 allows unauthenticated attacker to craft commands that will execute code on the robot's OS.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS1.83% probability of exploitation · percentile 76.1% · 2026-06-19T12:03:05Z
Published2026-05-08
Last modified2026-05-11

Underlying weaknesses· 1

CWE-78

References

  1. https://www.universal-robots.com/developer/communication-protocol/dashboard-server/

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')cwe-780%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-8603
CVE
CVE-2025-56413
CVE
CVE-2026-22550
CVE
CVE-2026-33277
CVE
CVE-2026-41551
CVE
CVE-2025-59286
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.