CVE-2026-27635: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in manyfold3d manyfold
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.0, when model render generation is enabled, a logged-in user can achieve RCE by uploading a ZIP containing a file with a shell metacharacter in its name. The filename reaches a Ruby backtick call unsanitized. Version 0.133.0 fixes the issue.
AI Analysis
Technical Summary
CVE-2026-27635 is an OS command injection vulnerability identified in manyfold, a self-hosted web application designed to manage collections of 3D models, especially for 3D printing workflows. The vulnerability exists in versions prior to 0.133.0 when the model render generation feature is enabled. Specifically, the issue stems from improper sanitization of filenames within uploaded ZIP archives. When a logged-in user uploads a ZIP file containing a file whose name includes shell metacharacters, this filename is passed directly to a Ruby backtick execution call without neutralization. This allows the attacker to inject arbitrary shell commands, leading to remote code execution (RCE) on the server hosting manyfold. Exploitation requires the attacker to be authenticated, but no additional user interaction is necessary beyond uploading the malicious ZIP. The vulnerability affects confidentiality, integrity, and availability by enabling attackers to execute arbitrary commands, potentially compromising the entire server environment. The vulnerability was assigned CVE-2026-27635 and has a CVSS 3.1 base score of 7.5, indicating high severity. The issue was addressed and fixed in manyfold version 0.133.0 by properly sanitizing input filenames before execution. No known exploits in the wild have been reported yet. This vulnerability highlights the risks of unsanitized input in command execution contexts, especially in web applications handling user-uploaded files.
Potential Impact
This vulnerability allows authenticated users to execute arbitrary commands on the server running manyfold, potentially leading to full system compromise. Attackers could steal sensitive data, modify or delete 3D model files, disrupt service availability, or use the compromised server as a foothold for further attacks within an organization’s network. Given manyfold’s role in managing 3D printing models, intellectual property related to product designs or prototypes could be exposed or altered. The impact extends to operational disruption if attackers deploy ransomware or other destructive payloads. Since exploitation requires authentication, insider threats or compromised user accounts pose significant risks. Organizations relying on manyfold for managing 3D assets, especially in manufacturing, prototyping, or research sectors, face heightened exposure. The vulnerability’s presence in open-source software also means that many smaller organizations or hobbyist groups using self-hosted instances may be vulnerable, increasing the overall attack surface.
Mitigation Recommendations
The primary mitigation is to upgrade all manyfold instances to version 0.133.0 or later, where the vulnerability is fixed. Until upgrade, organizations should disable the model render generation feature if feasible to reduce risk. Implement strict access controls to limit who can upload files, ensuring only trusted users have upload permissions. Employ network segmentation to isolate manyfold servers from critical infrastructure. Monitor logs for suspicious upload activity or command execution attempts. Use application-level firewalls or runtime application self-protection (RASP) tools to detect and block command injection patterns. Conduct regular audits of user accounts and enforce strong authentication mechanisms to reduce risk from compromised credentials. Additionally, consider sandboxing or containerizing manyfold instances to limit the blast radius of potential exploitation. Educate users about the risks of uploading untrusted files and maintain up-to-date backups to recover from potential attacks.
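The bug class described in the technical summary (an archive entry name interpolated into a Ruby backtick) beside the defensive form that the mitigation section calls for, as an added example that is not Manyfold's code and not the 0.133.0 fix; the allow-list regex, the `printf` stand-in for the renderer, and the sample entry names are constructed assumptions.

```ruby
require "open3"
require "shellwords"

# Constructed sample ZIP entry names (not taken from the advisory).
SAMPLE_NAMES = ["bracket.stl", "gear v2.stl", "bad;name.stl"].freeze

# Allow-list for names a render pipeline should accept; anything else is
# logged and skipped. Assumed policy, not Manyfold's.
SAFE_NAME = /\A[\w.\- ]+\z/

def suspicious_entry?(name)
  !SAFE_NAME.match?(name)
end

# Returns the entry names an operator would want to see in the upload log.
def flag_suspicious_entries(names)
  names.select { |n| suspicious_entry?(n) }
end

# The bug class in the advisory: a backtick call hands the whole string to
# /bin/sh, so a metacharacter in `name` becomes shell syntax. Never do this:
#   `render --input #{name}`

# Defensive form: argv array, so no shell is started and the name reaches the
# child process as one literal argument whatever characters it holds.
def run_argv(*argv)
  out, status = Open3.capture2(*argv)
  raise "child failed: #{status.exitstatus}" unless status.success?
  out
end

# Stand-in for the renderer: coreutils printf echoes back exactly the argument
# it received, which lets us confirm the name arrived unmodified.
def render_path_seen(name)
  run_argv("printf", "%s", name)
end

# If a string command line is unavoidable, escape every interpolated value.
def render_cmd_string(name)
  "render --input #{Shellwords.escape(name)}"
end

if __FILE__ == $PROGRAM_NAME
  flag_suspicious_entries(SAMPLE_NAMES).each { |n| warn "rejected entry: #{n.inspect}" }
  puts render_path_seen("bad;name.stl")   # the ';' is data, not a command separator
  puts render_cmd_string("gear v2.stl")
end
```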
Affected Countries
United States, Germany, Japan, South Korea, China, United Kingdom, France, Canada, Netherlands, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-20T22:02:30.028Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f8527b7ef31ef0b6936d0
Added to database: 2/25/2026, 11:26:31 PM
Last enriched: 3/5/2026, 11:07:25 AM
Last updated: 4/12/2026, 4:12:59 AM