Command Injection Vulnerability in Tenable Security Center by Tenable
CVE-2026-2630

7.4HIGH

Key Information:

Vendor: Tenable
Status: Security Center
Vendor: CVE Published:; 17 February 2026

What is CVE-2026-2630?

A command injection vulnerability has been identified in Tenable Security Center, which allows an authenticated remote attacker to execute arbitrary code on the underlying server. This flaw emphasizes the importance of applying appropriate security measures and regular updates to protect against potential exploitation.

Affected Version(s)

Security Center 0 <= 6.7.2

References

https://www.tenable.com/security/tns-2026-06

CVSS V4

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Feb 17, 2026

Credit

Bernard Santillan, OSC Technical Solutions

CVE-2026-2630 Data

JSON