CVE-2026-60121: Vitec Flamingo 4.12.2 Unauthenticated OS Command Injection via ping.php — Zero Day Monitor