RCE in Pi-hole Web

CVE-2026-33765

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The appli…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.002 (48.2th percentile) — read the EPSS interpretation.