Remote Code Execution Vulnerability in Thales CERT Suspicious Application
CVE-2026-13014
9.2CRITICAL
What is CVE-2026-13014?
A significant vulnerability exists in the Thales CERT 'Suspicious' application versions 1.3.4 and earlier, allowing remote and unauthenticated attackers to execute arbitrary code. This can lead to arbitrary overwriting of writable application files, such as Python modules, configuration settings, cron inputs, and runtime artifacts. Consequently, this raises the risk of persistent denial of service and potential compromise of sensitive application secrets or integrations, permitting attackers to gain root-level execution access within the Django application container.
Affected Version(s)
Suspicious v1.2.0
