HIGHCVE-2026-2630Published 2026-02-17Modified 2026-02-26CNA tenable

CVE-2026-2630: [R1] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2

A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security Center is hosted.

CVSS v4.0: 7.4
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Tenable / Security Center
≤ 6.7.2

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

tenable.com

Metrics