Zero Day MonitorZDM

CVE-2026-2695: Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises) — Zero Day Monitor

← Back to list

6.3

CVE-2026-2695EXPLOITEDPATCHED

teamviewer · teamviewer dex platform on-premises

Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)

Description

A remote, authenticated attacker can exploit a vulnerability in TeamViewer DEX to execute arbitrary program code.

Affected Products

Vendor	Product	Versions
teamviewer	teamviewer dex platform on-premises	0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
teamviewer	teamviewer	cert_advisory	90%

References

https://www.teamviewer.com/de/resources/trust-center/security-bulletins/tv-2026-1004/

Related News (2 articles)

Tier B

BSI Advisories46d ago

[NEU] [mittel] TeamViewer DEX: Schwachstelle ermöglicht Codeausführung

→ No new info (linked only)

Tier C

VulDB47d ago

CVE-2026-2695 | TeamViewer DEX up to 9.1 input validation

→ No new info (linked only)

CVSS 3.16.3 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

9.2

CWECWE-20

PublishedMay 13, 2026

Last enriched46d agov3

Tags

remote code execution

Trending Score0

Source articles2

Independent2

Info Completeness10/14

Missing: epss, kev, iocs, mitre_attack