A vulnerability identified as critical has been detected in openbullet2 up to 0.3.2 . This vulnerability affects unknown code of the file bat.ps1.sh of the component FileProxySource Proxy Loading Feature . Performing a manipulation results in os command injection. This vulnerability was named CVE-2026-25855 . The attack may be initiated remotely. There is no available exploit.