CVE-2026-22568 MEDIUM

CVE-2026-22568: Unauthorized information retrieval in ZIA Admin UI

Vendor Zscaler
Product ZIA Admin UI
Weakness CWE-20 · Input validation
Published February 23, 2026
Last update February 23, 2026

CVSS base score

5.5/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Improper neutralization of special elements in user-supplied input within the ZIA Admin UI could allow an authenticated administrator to access or retrieve unauthorized internal information in rare conditions.

Key dates

02Disclosure timeline

February 23, 2026 CVE published
February 23, 2026 Record updated