{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-11846: IEI Integration Corp｜iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-11846","status":"final","version":"1","initial_release_date":"2026-06-12T09:31:52.698Z","current_release_date":"2026-06-12T10:54:07.905Z","revision_history":[{"date":"2026-06-12T09:31:52.698Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"The \niVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories,  resulting in data destruction or service disruption.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-11846 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-11846"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-11846"},{"category":"external","summary":"twcert.org.tw","url":"https://www.twcert.org.tw/tw/cp-132-10969-4c4e2-1.html"},{"category":"external","summary":"twcert.org.tw","url":"https://www.twcert.org.tw/en/cp-139-10970-e4b21-2.html"}]},"product_tree":{"branches":[{"category":"vendor","name":"IEI Integration Corp","branches":[{"category":"product_name","name":"iVEC TANK-XM811","branches":[{"category":"product_version_range","name":"<1.0.4","product":{"name":"IEI Integration Corp iVEC TANK-XM811 <1.0.4","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:iei_integration_corp:ivec_tank-xm811:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-11846","title":"IEI Integration Corp｜iVEC-IEI Virtualization Edge Computer - Arbitrary File Deletion","notes":[{"category":"description","text":"The \niVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has an Arbitrary File Deletion vulnerability, allowing authenticated remote attackers to exploit this vulnerability to delete arbitrary system files or directories,  resulting in data destruction or service disruption.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N","baseScore":7.2,"baseSeverity":"HIGH"},"products":["CSAFPID-1"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 1.0.4.","product_ids":["CSAFPID-1"]}]}]}