Home / Vulnerability Intelligence / CVE-2026-26416

CVE-2026-26416 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 6, 2026

Tata Consultancy Services Cognix Recon Client - Authorization Bypass

Published: March 5, 2026Updated: March 6, 2026PoC AvailableRemote Exploitable

Overview

Tata Consultancy Services Cognix Recon Client v3.0 contains an authorization bypass caused by crafted requests, letting authenticated users escalate privileges across role boundaries.

Severity & Score

Severity: High

CVSS Score: 8.8

EPSS Score: 3.5%(Probability of exploitation in next 30 days)

Impact

Authenticated users can escalate privileges, potentially gaining unauthorized access to restricted functions or data.

Mitigation

Update to the latest version.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 7, 2026

🟠 CVE-2026-26416 - High (8.8) An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26416/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

GitHub Repositories(1 repo)

https://github.com/aksalsalimi/CVE-2026-26416

Related Resources

Details

CVE ID: CVE-2026-26416
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: unconfirmed
EPSS: 3.5%
Social Posts: 1

CWE

CWE-269

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

3.5%Probability of exploitation in the next 30 days