Kopia backup tool patched after remote code execution flaw found

THE content discusses a critical security vulnerability in Kopia, an open-source backup tool, tracked as CVE-2026-45695. This vulnerability allows remote code execution through command injection due to flawed handling of external requests when the server operates without password protection. The bug affects Kopia versions 0.22.3 and earlier; versions 0.23.0 and above have been patched. Immediate remediation actions include upgrading to the latest version or applying architectural mitigations to reduce exposure.