A vulnerability identified as critical has been detected in RURBAN GD up to 2.85 on Perl. Affected by this issue is the function Open . This manipulation of the argument filename causes os command injection. This vulnerability is registered as CVE-2026-11526 . Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.