baserCMS < 5.2.3 hit by CRITICAL OS command injection (CVE-2026-30880, CVSS 9.2). Remote unauthenticated RCE possible via installer. Patch to 5.2.3+ now or restrict installer access! https://radar.offseq.com/threat/cve-2026-30880-cwe-78-improper-neutralization-of-s-5ac38c48 #OffSeq #baserCMS #Vuln #infosec