High severity7.1NVD Advisory· Published Apr 20, 2026· Updated Apr 23, 2026
CVE-2026-6066
CVE-2026-6066
Description
ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications could occur without transport-layer encryption. This could allow network‑based interception of Solution Center traffic in Automate deployments. The issue has been resolved in Automate 2026.4 by enforcing secure communication for affected Solution Center connections.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
18- Bring out your dead: How agentic AI for cybersecurity helps you rid your cloud of forgotten, risky assetsTenable Blog · May 14, 2026
- The Convergence of Cloud Secrets & AI RiskSentinelOne Labs · May 13, 2026
- Patch Tuesday - May 2026Rapid7 Blog · May 13, 2026
- Microsoft May 2026 Patch Tuesday, (Tue, May 12th)SANS Internet Storm Center · May 12, 2026
- Japan’s PM orders cybersecurity review to stop Mythos going full CyberZillaThe Register Security · May 12, 2026
- Wordfence Intelligence Weekly WordPress Vulnerability Report (April 27, 2026 to May 3, 2026)Wordfence Blog · May 7, 2026
- Progress Patches Critical MOVEit Automation Bug Enabling Authentication BypassThe Hacker News · May 4, 2026
- Thousands of Facebook accounts stolen by phishing emails sent through GoogleMalwarebytes Labs · May 4, 2026
- Vulnerability remediation: Match CVEs to asset owners in seconds with Tenable Hexa AITenable Blog · May 1, 2026
- Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management PlatformTenable Blog · Apr 30, 2026
- Mastering agentic AI security through exposure managementTenable Blog · Apr 29, 2026
- Webinar: How to Automate Exposure Validation to Match the Speed of AI AttacksThe Hacker News · Apr 29, 2026
- MDR Selection is a Partnership DecisionRapid7 Blog · Apr 28, 2026
- Five steps to become Mythos readyTenable Blog · Apr 23, 2026
- Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patchingTenable Blog · Apr 16, 2026
- The n8n n8mare: How threat actors are misusing AI workflow automationCisco Talos Intelligence · Apr 15, 2026
- ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution RuntimeCheck Point Research · Mar 30, 2026
- How AI Assistants are Moving the Security GoalpostsKrebs on Security · Mar 8, 2026