These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
Tanium Connect contains an unauthorized code execution vulnerability (CWE-78) that could allow an attacker with low privileges to execute arbitrary code remotely. The vulnerability has a CVSS 3.1 score of 8.8 (HIGH severity) with network attack vector, low attack complexity, and no required user interaction. The vulnerability impacts confidentiality, integrity, and availability at a high level. Tanium has [truncated]
Tanium Connect contains an unauthorized code execution vulnerability. The issue permits an attacker with low privileges to execute arbitrary code remotely without user interaction, resulting in high impact to confidentiality, integrity, and availability. The vulnerability is classified as CWE-78 (OS Command Injection). Tanium has published security advisory TAN-2026-014 addressing this issue.
Tanium addressed a denial of service vulnerability in Tanium Server. The vulnerability was published on 2026-05-27 with a CVSS 3.1 score of 6.5 (MEDIUM severity). The NVD entry indicates a CVSS vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, though this vector appears inconsistent with the described denial of service impact—analysts should verify the official Tanium advisory for authoritative scor [truncated]
CVE-2026-6392 is a low-severity information disclosure issue in Tanium Threat Response. NVD lists a CVSS 3.1 score of 2.7 with network attack vector, low attack complexity, and high privileges required. The affected ranges published by NVD are Threat Response versions 4.6.0 through 4.6.577 and 4.9.0 through 4.9.379. Tanium’s advisory is referenced by NVD, and the CVE was published on 2026-04-22 and last m [truncated]