CVE-2026-2697

Medium CVSS: 5.3

An Indirect Object Reference (IDOR) in Security Center allows an authenticated remote attacker to escalate privileges via the 'owner' parameter.

Vendor

Product

CWE

Yayın Tarihi

2026-02-23 16:29:37

Güncelleme

2026-02-26 16:44:54

Source Identifier

vulnreport@tenable.com

KEV Date Added

CWE-639 Security Center MEDIUM Tenable 2026

https://www.tenable.com/security/tns-2026-07

Medium

CVE-2026-2698

An improper access control vulnerability exists where an authenticated user could access areas outside of their authoriz…

Medium

CVE-2026-2026

A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could all…

High

CVE-2025-36630

In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrit…

High

CVE-2025-36632

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could execute c…

High

CVE-2025-36633

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could arbitrari…

High

CVE-2025-36631

In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite…