CVE-2026-27182

HIGH

Saturn Remote Mouse Server - Command Injection

Title source: llm

Description

Saturn Remote Mouse Server contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending specially crafted UDP JSON frames to port 27000. Attackers on the local network can send malformed packets with unsanitized command data that the service forwards directly to OS execution functions, enabling remote code execution under the service account.

References (3)

[Various Sources] https://packetstorm.news/files/id/215835/

[Various Sources] https://www.saturnremote.com/

[Third Party Advisory] https://www.vulncheck.com/advisories/saturn-remote-mouse-server-udp-command-injection-rce

Scores

CVSS v3 8.4

EPSS 0.0013

EPSS Percentile 31.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-306

Status published

Products (1)

saturnremote/Saturn Remote Mouse Server

Published Feb 18, 2026

Tracked Since Feb 19, 2026