CVE-2026-26416HIGH 8.8EPSS p30.1%

CVE-2026-26416CVE-2026-26416

Description

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.38% probability of exploitation · percentile 30.1% · 2026-06-19T12:03:05Z
Published2026-03-05
Last modified2026-03-10

Underlying weaknesses· 1

CWE-269

References

  1. https://github.com/aksalsalimi/CVE-2026-26416
  2. https://github.com/aksalsalimi/cognix-recon-client-security-advisories
  3. https://www.tcs.com/what-we-do/services/cognitive-business-operations/solution/cognix-platform-business-agility-enhanced-cx

1

TypeTargetConfidenceTier
WeaknessImproper Privilege Managementcwe-2690%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-26417
CVE
CVE-2026-40417
CVE
CVE-2025-61429
CVE
CVE-2026-21262
CVE
CVE-2026-9614
CVE
CVE-2026-24303
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.