1. Critical OS Command Injection Vulnerability CVE-2026-44666 Affects zelon88 HRConvert2 Users Urgent Patch Required
A critical remote code execution vulnerability has been identified in zelon88 HRConvert2, affecting all versions prior to 3.3.8. The flaw, tracked as CVE-2026-44666, stems from improper neutralization of special elements in the sanitizeString() function, specifically mishandling backtick and tab characters. Security re...