CVE-2026-39908 is a credential disclosure vulnerability in OpenBullet2 through version 0.3.2 on Windows. Remote attackers can capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application attempts to load proxies from the UNC path, triggering an SMB authentication attempt that discloses the NTLM [truncated]
CVE-2026-25855 is a high-severity remote code execution vulnerability in OpenBullet2 through version 0.3.2. The vulnerability allows authenticated users to execute arbitrary commands by uploading script files (.bat.ps1.sh) through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources, causing the server to execute the scripts and return output as proxy lin [truncated]
