Tanium
Products
22- 7 CVEs
- 6 CVEs
- 4 CVEs
- 4 CVEs
- 4 CVEs
- 3 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
47| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9208 | Hig | 0.57 | 8.8 | 0.00 | May 27, 2026 | Tanium addressed an unauthorized code execution vulnerability in Connect. | ||
| CVE-2025-4371 | Med | 0.44 | 6.8 | 0.00 | Aug 18, 2025 | A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection. | ||
| CVE-2026-9156 | Med | 0.42 | 6.5 | 0.00 | May 27, 2026 | Tanium addressed a denial of service vulnerability in Tanium Server. | ||
| CVE-2025-60934 | Med | 0.40 | 6.1 | 0.00 | Oct 21, 2025 | Multiple stored cross-site scripting (XSS) vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description… | ||
| CVE-2025-60933 | Med | 0.40 | 6.1 | 0.00 | Oct 21, 2025 | Multiple stored cross-site scripting (XSS) vulnerabilities in the Future Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name,… | ||
| CVE-2025-60932 | Med | 0.40 | 6.1 | 0.00 | Oct 21, 2025 | Multiple stored cross-site scripting (XSS) vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step… | ||
| CVE-2026-6416 | Low | 0.18 | 2.7 | 0.00 | Apr 22, 2026 | Tanium addressed an uncontrolled resource consumption vulnerability in Interact. | ||
| CVE-2026-6408 | Low | 0.18 | 2.7 | 0.00 | Apr 22, 2026 | Tanium addressed an information disclosure vulnerability in Tanium Server. | ||
| CVE-2026-6392 | Low | 0.18 | 2.7 | 0.00 | Apr 22, 2026 | Tanium addressed an information disclosure vulnerability in Threat Response. | ||
| CVE-2026-2350 | 0.00 | — | 0.00 | Feb 19, 2026 | Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS. | |||
| CVE-2026-1292 | 0.00 | — | 0.00 | Feb 19, 2026 | Tanium addressed an insertion of sensitive information into log file vulnerability in Trends. | |||
| CVE-2026-2605 | 0.00 | — | 0.00 | Feb 19, 2026 | Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS. | |||
| CVE-2026-2408 | 0.00 | — | 0.00 | Feb 19, 2026 | Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension. | |||
| CVE-2026-2435 | 0.00 | — | 0.00 | Feb 19, 2026 | Tanium addressed a SQL injection vulnerability in Asset. | |||
| CVE-2026-1344 | 0.00 | — | 0.00 | Feb 17, 2026 | Tanium addressed an insecure file permissions vulnerability in Enforce Recovery Key Portal. | |||
| CVE-2025-15314 | 0.00 | — | 0.00 | Feb 9, 2026 | Tanium addressed an arbitrary file deletion vulnerability in end-user-cx. | |||
| CVE-2025-15313 | 0.00 | — | 0.00 | Feb 9, 2026 | Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS. | |||
| CVE-2025-15310 | 0.00 | — | 0.00 | Feb 9, 2026 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. | |||
| CVE-2025-15318 | 0.00 | — | 0.00 | Feb 9, 2026 | Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools. | |||
| CVE-2025-15319 | 0.00 | — | 0.00 | Feb 9, 2026 | Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools. |
- risk 0.57cvss 8.8epss 0.00
Tanium addressed an unauthorized code execution vulnerability in Connect.
- risk 0.44cvss 6.8epss 0.00
A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.
- risk 0.42cvss 6.5epss 0.00
Tanium addressed a denial of service vulnerability in Tanium Server.
- risk 0.40cvss 6.1epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description…
- risk 0.40cvss 6.1epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in the Future Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name,…
- risk 0.40cvss 6.1epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step…
- risk 0.18cvss 2.7epss 0.00
Tanium addressed an uncontrolled resource consumption vulnerability in Interact.
- risk 0.18cvss 2.7epss 0.00
Tanium addressed an information disclosure vulnerability in Tanium Server.
- risk 0.18cvss 2.7epss 0.00
Tanium addressed an information disclosure vulnerability in Threat Response.
- CVE-2026-2350Feb 19, 2026risk 0.00cvss —epss 0.00
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
- CVE-2026-1292Feb 19, 2026risk 0.00cvss —epss 0.00
Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.
- CVE-2026-2605Feb 19, 2026risk 0.00cvss —epss 0.00
Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS.
- CVE-2026-2408Feb 19, 2026risk 0.00cvss —epss 0.00
Tanium addressed a use-after-free vulnerability in the Cloud Workloads Enforce client extension.
- CVE-2026-2435Feb 19, 2026risk 0.00cvss —epss 0.00
Tanium addressed a SQL injection vulnerability in Asset.
- CVE-2026-1344Feb 17, 2026risk 0.00cvss —epss 0.00
Tanium addressed an insecure file permissions vulnerability in Enforce Recovery Key Portal.
- CVE-2025-15314Feb 9, 2026risk 0.00cvss —epss 0.00
Tanium addressed an arbitrary file deletion vulnerability in end-user-cx.
- CVE-2025-15313Feb 9, 2026risk 0.00cvss —epss 0.00
Tanium addressed an arbitrary file deletion vulnerability in Tanium EUSS.
- CVE-2025-15310Feb 9, 2026risk 0.00cvss —epss 0.00
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.
- CVE-2025-15318Feb 9, 2026risk 0.00cvss —epss 0.00
Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.
- CVE-2025-15319Feb 9, 2026risk 0.00cvss —epss 0.00
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.