CVE-2026-1185HIGH 8.8EPSS p13.1%

CVE-2026-1185CVE-2026-1185

Description

A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation. This vulnerability can only be exploited if an attacker can log in to the Axis device using SSH.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.23% probability of exploitation · percentile 13.1% · 2026-06-19T12:03:05Z
Published2026-05-12
Last modified2026-05-19

Underlying weaknesses· 1

CWE-732

References

  1. https://www.axis.com/dam/public/69/df/8d/cve-2026-1185pdf-en-US-530733.pdf

1

TypeTargetConfidenceTier
WeaknessIncorrect Permission Assignment for Critical Resourcecwe-7320%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-0358
CVE
CVE-2025-30026
CVE
CVE-2025-3626
CVE
CVE-2026-0418
CVE
CVE-2025-41651
CVE
CVE-2026-9211
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.