CVE-2026-36365
Awaiting Analysis Awaiting Analysis - Queue
Arbitrary Code Execution in caesium-image-compressor

Publication date: 2026-05-04

Last updated on: 2026-05-07

Assigner: MITRE

Description
An issue in Lymphatus caesium-image-compressor All versions up to and including commit 02da2c6 allows a local attacker to execute arbitrary code via the shutdownMachine and putMachineToSleep functions in PostCompressionActions.cpp
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-04
Last Modified
2026-05-07
Generated
2026-06-16
AI Q&A
2026-05-05
EPSS Evaluated
2026-06-15
NVD
CVE-2026-36365
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lymphatus caesium-image-compressor to 02da2c6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not include any details about how the vulnerability in Lymphatus caesium-image-compressor affects compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

An attacker with local access could exploit this vulnerability to execute arbitrary code on the affected system. This could lead to unauthorized control over the machine, potentially allowing the attacker to disrupt operations, access sensitive data, or install malicious software.

Executive Summary

This vulnerability exists in Lymphatus caesium-image-compressor in all versions up to and including commit 02da2c6. It allows a local attacker to execute arbitrary code by exploiting the shutdownMachine and putMachineToSleep functions in the PostCompressionActions.cpp file.

Detection Guidance

This vulnerability involves local arbitrary code execution via unsafe system calls in the shutdownMachine and putMachineToSleep functions of the caesium-image-compressor software. Detection would require identifying if the affected versions (up to and including commit 02da2c6) of the software are installed and in use on the system.

Since the vulnerability is local and triggered by specific functions in the application, network detection is unlikely. Instead, detection can focus on verifying the installed version of caesium-image-compressor.

  • Check the installed version or commit of caesium-image-compressor by running the application with a version command, for example: `caesium-image-compressor --version` or checking the binary metadata.
  • On Linux, you can locate the binary and check its version or commit hash if available.
  • Review system logs or audit logs for any suspicious execution of shutdown or sleep commands triggered by the caesium-image-compressor application.

No specific detection commands or signatures are provided in the available resources.

Mitigation Strategies

The immediate mitigation step is to update the caesium-image-compressor software to a version that includes the security fix replacing unsafe system() calls with safer QProcess::startDetached() calls.

If an updated version is not yet available, avoid running the vulnerable functions (shutdownMachine and putMachineToSleep) or restrict local user access to the application to trusted users only.

Monitor the official repository or advisories for the release of the patched version and apply it as soon as possible.

As a general security practice, limit local user privileges to reduce the risk of arbitrary code execution.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-36365. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart