CVE-2026-26416

← CVEs

HIGH 8.8

Published

2026-03-05

Last Modified

2026-03-10

Affected Apps

Affected Devices

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

Affected Applications in Environment 4

1 device

1 device

2 devices

1 device

Affected Devices 5

DPEXAN-5CD017CV Windows DPHSNG-34Y86X3 Windows DPMATH-C11312G9 Windows FL217-2-ADOTTER Windows MICHELLEUSUHP Windows

References 3

https://github.com/aksalsalimi/CVE-2026-26416
https://github.com/aksalsalimi/cognix-recon-client-security-advisories
https://www.tcs.com/what-we-do/services/cognitive-business-operations/solution/cognix-platform-business-agility-enhanced-cx