What is CVE-2026-1064?

A low-severity command injection vulnerability exists in bastillion-io Bastillion up to version 4.0.1, affecting the System Management Module. Organizations should prioritize remediation efforts to mitigate potential risks associated with this vulnerability.

What is the severity of CVE-2026-1064?

CVE-2026-1064 has a severity rating of LOW with a CVSS base score of 2.

CVE-2026-1064 | Low Vulnerability in bastillion-io Bastillion

A vulnerability was found in bastillion-io Bastillion up to version 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

The severity level of this vulnerability is classified as low, with a CVSS score of 2. This indicates a lower level of risk, yet organizations should not overlook it. Risk to organizations includes potential unauthorized command execution, which could lead to further exploitation or compromise.

Currently, there is no known exploit confirmed in the wild, but the existence of a public proof-of-concept should be a concern for organizations using affected versions. Organizations should prioritize patching immediately.

It is crucial for organizations to assess their vulnerability management strategies to ensure that such vulnerabilities are addressed timely, even if classified as low severity.

Vulnerability Details

The vulnerability allows command injection via remote manipulation of the System Management Module in bastillion-io Bastillion versions up to 4.0.1. The CVSS score of 2 confirms a low severity level, indicating minimal impact on confidentiality, integrity, and availability.

The relevant weaknesses are classified as CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component) and CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection')).

Technical Analysis

The root cause of this vulnerability stems from inadequate input validation within the System Management Module. The attack vector is through network communication, with low attack complexity and high privileges required for exploitation.

The vulnerability does not require user interaction, making it easier for an attacker to exploit remotely. The impacts on confidentiality, integrity, and availability are all classified as low, meaning the potential damage is limited but still concerning.

Risk & Impact Analysis

The real-world deployment risk associated with CVE-2026-1064 lies in the potential for unauthorized command execution, which could be leveraged by attackers to gain further access or escalate privileges within an affected system. Although the current CVSS score is low, the possibility of a successful attack, especially against users with high privileges, warrants attention.

Organizations that utilize bastillion-io Bastillion should treat this vulnerability seriously, as the presence of a public exploit could lead to increased scrutiny from malicious actors. The urgency for defense teams is to incorporate this vulnerability into their patch management cycle as they can still face exploitation despite the low severity rating.

Signal	Status
Known Exploit	No
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected versions include bastillion-io Bastillion up to 4.0.1. Organizations should ensure they are running a patched version to mitigate potential risks.

Mitigation & Remediation

Organizations should apply the latest patches available for bastillion-io Bastillion immediately. If a patch is unavailable, consider implementing network controls to restrict access to vulnerable components and monitoring for unauthorized access attempts. For further guidance, refer to the penetration testing services to identify any similar weaknesses.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for any unusual command executions, particularly from high-privilege users. Look for behavioral anomalies that deviate from normal operations, as well as network signatures indicative of command injection attempts.

AppSecure Threat Intelligence Insight

The long-term significance of this vulnerability lies in its representation of common weaknesses found in command injection vulnerabilities across various applications. Security teams should be vigilant about input validation processes to prevent similar vulnerabilities. For a comprehensive approach to securing applications, organizations should consider adopting a vulnerability management program and conducting regular security assessments, including penetration testing to identify and remediate potential vulnerabilities before they can be exploited.

In summary, this vulnerability serves as a reminder that even low-severity vulnerabilities can present significant risks if left unaddressed, especially in environments with high privilege access.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2026-1064: Low Vulnerability in bastillion-io Bastillion