CVE-2026-2630

Summary

A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security Center is hosted.

Affected Software

VendorProductVersion RangeStatus
TenableSecurity Center0 <= 6.7.2affected

Weaknesses

  • CWE-78: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References