CVE-2025-26512CRITICAL 9.9EPSS p45.7%

CVE-2025-26512CVE-2025-26512

Description

SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed.

Scoring

CVSS 3.19.9 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS0.64% probability of exploitation · percentile 45.7% · 2026-06-18T12:00:27Z
Published2025-03-24
Last modified2026-01-16

Underlying weaknesses· 1

CWE-266

References

  1. https://security.netapp.com/advisory/NTAP-20250324-0001
  2. https://security.netapp.com/advisory/ntap-20250324-0001/

1

TypeTargetConfidenceTier
WeaknessIncorrect Privilege Assignmentcwe-2660%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-53118
CVE
CVE-2026-26119
CVE
CVE-2025-1393
CVE
CVE-2025-0324
CVE
CVE-2026-23595
CVE
CVE-2025-52692
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.