CVE-2026-9207

Summary

Tanium addressed an unauthorized code execution vulnerability in Connect.

Affected Software

VendorProductVersion RangeStatus
TaniumConnect5.26 < 5.26.191affected
TaniumConnect5.29 < 5.29.237affected
TaniumConnect5.37 < 5.37.140affected

Weaknesses

  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References