CVE-2025-15326 MEDIUM

CVE-2025-15326: Tanium addressed an improper access controls vulnerability in Patch.

Vendor Tanium
Product Patch
Weakness CWE-862 · Missing authorization
Published February 5, 2026
Last update February 6, 2026
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Tanium addressed an improper access controls vulnerability in Patch.

Key dates

02Disclosure timeline

February 5, 2026 CVE published
February 6, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2021-3656 CVE-2024-35742 WordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Broken Access Control vulnerability CVE-2024-5382 Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to MA Template Creation or Modification CVE-2026-42809 Apache Polaris: staged table creation could vend storage credentials for unvalidated locations CVE-2025-47565 WordPress EventON plugin <= 4.9.9 - Broken Access Control vulnerability