CVE-2026-5935CRITICAL 9.8EPSS p17.3%

CVE-2026-5935CVE-2026-5935

Description

IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.26% probability of exploitation · percentile 17.3% · 2026-06-19T12:03:05Z
Published2026-04-23
Last modified2026-05-18

Underlying weaknesses· 1

CWE-78

References

  1. https://www.ibm.com/support/pages/node/7270127

1

TypeTargetConfidenceTier
WeaknessImproper Neutralization of Special Elements used in an OS Command ('OS Command Injection')cwe-780%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-1137
CVE
CVE-2025-36245
CVE
CVE-2025-13688
CVE
CVE-2025-13375
CVE
CVE-2025-13686
CVE
CVE-2026-20094
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.