Zero Day MonitorZDM

CVE-2026-2698: An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope. — Zero Day Monitor

← Back to list

6.5

CVE-2026-2698PATCHED

tenable · security_center

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.

Description

An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope.

Affected Products

Vendor	Product	Versions
tenable	security_center	< 6.8.0

References

https://https://docs.tenable.com/release-notes/Content/security-center/2026.htm(Broken Link)
https://https://www.tenable.com/security/tns-2026-07(Broken Link)

CVSS 3.16.5 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited❌ No

Patch available

6.8.0

CWECWE-639

PublishedFeb 23, 2026

Last enriched8d ago

Trending Score0

Source articles0

Independent0

Info Completeness9/14

Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote