CVE-2026-0963 — An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via — CVE Database · The Intelligence Room