CVE-2026-36576 -- CVSS 9.8 Vulnerability Briefing

CVE-2026-36576 | CVSS 9.8 (Critical) | Exploit: No known exploit

What Is It

CVE-2026-36576 is an OS command injection vulnerability in the app.py component of openlabs docker-wkhtmltopdf-aas, a Dockerized web service that converts HTML to PDF using wkhtmltopdf, affecting all versions up to and including commit 9f50579.

Technical Detail

The flaw exists in how app.py processes user-supplied input from POST requests without adequate sanitization before passing it to an underlying OS command execution context. An unauthenticated remote attacker can craft a malicious POST request containing injected shell metacharacters or command sequences to achieve arbitrary OS command execution on the host container. Successful exploitation results in remote code execution (RCE) within the container environment, which may extend to host-level compromise depending on container privilege configuration and Docker socket exposure.
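The injection class described above, contrasted with an allowlisted argument-vector build, as an added example. It is not code from app.py or the upstream project, which this briefing does not reproduce. The option allowlist, the function names, and the assumption that the POST body carries a dictionary of wkhtmltopdf options are hypothetical; the sample request is constructed, and nothing is executed.

```python
import re

# Hypothetical allowlist: wkhtmltopdf option name -> pattern its value must fully match.
ALLOWED_OPTIONS = {
    "page-size": re.compile(r"A[0-9]|Letter|Legal"),
    "orientation": re.compile(r"Portrait|Landscape"),
    "margin-top": re.compile(r"[0-9]{1,3}(mm|cm|in)?"),
    "margin-bottom": re.compile(r"[0-9]{1,3}(mm|cm|in)?"),
    "dpi": re.compile(r"[0-9]{2,4}"),
}


def build_unsafe_command(options, src, dst):
    """Anti-pattern: request values are interpolated into one shell string.

    Handing this string to a shell (for example subprocess with shell=True)
    lets metacharacters in any value end the intended command and start another.
    """
    flags = " ".join(f"--{name} {value}" for name, value in options.items())
    return f"wkhtmltopdf {flags} {src} {dst}"


def build_safe_argv(options, src, dst):
    """Hardened form: validate against the allowlist and return an argv list.

    The list is meant for subprocess.run(argv, shell=False), so no shell ever
    parses request data. src and dst are assumed to be server-generated paths.
    """
    argv = ["wkhtmltopdf"]
    for name, value in options.items():
        pattern = ALLOWED_OPTIONS.get(name)
        if pattern is None:
            raise ValueError(f"option not allowed: {name!r}")
        if not isinstance(value, str) or not pattern.fullmatch(value):
            raise ValueError(f"invalid value for option {name!r}")
        argv += [f"--{name}", value]
    return argv + [src, dst]


if __name__ == "__main__":
    # Constructed sample request: a benign marker shows where a shell would split.
    sample = {"page-size": "A4; echo INJECTED"}
    print("shell string:", build_unsafe_command(sample, "in.html", "out.pdf"))
    try:
        build_safe_argv(sample, "in.html", "out.pdf")
    except ValueError as exc:
        print("rejected:", exc)
```

When tracking upstream commits, a fix of this shape (no shell, allowlisted option names, validated values) addresses the root cause more reliably than escaping individual characters.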

Exploitation Status

No exploit code has been publicly identified at this time, and this CVE is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Exploit maturity is currently assessed as "no known exploit." However, the vulnerability class (OS command injection via unauthenticated HTTP POST) is well understood and straightforward to weaponize, so the barrier to exploitation is low for a capable attacker once the endpoint is identified.

Who Is Targeting This

There is no specific threat actor attribution at this time. No confirmed or reported threat actor associations have been established for this CVE as of June 10, 2026.

What To Do

Organizations running openlabs docker-wkhtmltopdf-aas should immediately assess whether any instances are deployed and reachable from untrusted networks. No official patched release has been confirmed in the available data, so the primary mitigation is to restrict network access to the service using firewall rules or reverse proxy authentication controls, ensuring the endpoint is not exposed to the public internet or untrusted internal segments. Monitor container logs for anomalous POST request patterns, unexpected process spawning, or outbound network connections originating from the wkhtmltopdf container. If the service is not operationally required, disable or remove it until a patched version is available. Track the upstream repository for commits beyond 9f50579 that address input sanitization in app.py.
