PatchSiren cyber security CVE debrief
CVE-2026-11596 ConnectWise CVE debrief
CVE-2026-11596 is a medium-severity vulnerability in ScreenConnect versions prior to 26.2. The issue lies in the input validation within the Host Pass creation functionality, which could allow an authenticated user with Host Pass creation privileges to specify a token expiration duration beyond the intended maximum when generating delegated access tokens. This vulnerability has a CVSS score of 4.7 and is classified as CWE-1284.
- Vendor: ConnectWise
- Product: ScreenConnect
- CVSS: MEDIUM 4.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-10
- Original CVE updated: 2026-06-10
- Advisory published: 2026-06-10
- Advisory updated: 2026-06-10
Who should care
Users of ScreenConnect versions prior to 26.2 are affected by this vulnerability and should apply the recommended defensive actions listed below.
Technical summary
The vulnerability exists in the Host Pass creation functionality of ScreenConnect versions prior to 26.2. Because the requested expiration duration is not adequately validated, an authenticated user with Host Pass creation privileges can specify a token expiration duration beyond the intended maximum, so a delegated access token can remain valid longer than intended.
Defensive priority
MEDIUM
Recommended defensive actions
- Update ScreenConnect to version 26.2 or later.
- Restrict Host Pass creation privileges to authorized users.
- Monitor token expiration durations for unusual activity.
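One way to act on the monitoring recommendation above, as an added example that is not from ConnectWise or the original advisory: a Python check over a token export that flags Host Pass records whose lifetime exceeds a policy maximum. The column names, the 24-hour maximum and the sample rows are assumptions constructed for illustration; the page does not describe an export format or state the intended maximum.

```python
import csv
import io
from datetime import datetime, timedelta

# Assumption: the deployment's intended maximum lifetime; the page does not state it.
MAX_LIFETIME = timedelta(hours=24)

# Constructed sample export (hypothetical column names, not a ScreenConnect format).
SAMPLE_EXPORT = """token_id,created_by,issued_at,expires_at
hp-001,alice,2026-06-01T09:00:00+00:00,2026-06-01T17:00:00+00:00
hp-002,bob,2026-06-02T09:00:00+00:00,2026-09-02T09:00:00+00:00
hp-003,carol,2026-06-03T09:00:00+00:00,
hp-004,dave,2026-06-04T09:00:00+00:00,2026-06-03T09:00:00+00:00
hp-005,erin,2026-06-05T09:00:00+00:00,2026-06-06T09:00:00+00:00
"""


def audit_token_lifetimes(export_text, max_lifetime=MAX_LIFETIME):
    """Return (token_id, created_by, reason) for every record that needs review."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        token_id, user = row["token_id"], row["created_by"]
        try:
            issued = datetime.fromisoformat(row["issued_at"])
            expires = datetime.fromisoformat(row["expires_at"])
            lifetime = expires - issued
        except (ValueError, TypeError):
            # A missing or unparseable timestamp cannot be shown to be within policy.
            findings.append((token_id, user, "missing or invalid timestamp"))
            continue
        if lifetime <= timedelta(0):
            findings.append((token_id, user, "expiry not after issue time"))
        elif lifetime > max_lifetime:
            findings.append(
                (token_id, user, f"lifetime {lifetime} exceeds {max_lifetime}")
            )
    return findings


if __name__ == "__main__":
    for finding in audit_token_lifetimes(SAMPLE_EXPORT):
        print(*finding, sep=" | ")
```

A token whose lifetime equals the maximum exactly (hp-005 in the sample) is treated as within policy; records with no usable expiry are reported rather than skipped.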
Evidence notes
The CVE record and NVD detail can be found at [cve-org] and [nvd], respectively. Additional information is available at [ref-4].
Official resources
- CVE-2026-11596 CVE record: CVE.org
- CVE-2026-11596 NVD detail: NVD
- Source item URL: nvd_modified
- Source reference: 7d616e1a-3288-43b1-a0dd-0a65d3e70a49
CVE-2026-11596 was published on 2026-06-10 and modified on 2026-06-10.