VYPR
High severity8.8NVD Advisory· Published May 21, 2026· Updated May 22, 2026

CVE-2026-9089

CVE-2026-9089

Description

The ConnectWise Automate™ Agent does not fully verify the authenticity of components obtained during plugin loading and self-update operations. This issue is addressed in Automate 2026.5.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

2