Information Disclosure in Tanium Server by Tanium
CVE-2026-6408

2.7LOW

Key Information:

Vendor: Tanium
Status: Tanium Server
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-6408?

Tanium has identified an information disclosure vulnerability in Tanium Server that could potentially expose sensitive information. This vulnerability affects Tanium Server version 7.4 and earlier, allowing unauthorized access to information stored within the system. It is crucial for organizations using Tanium Server to review the security updates and apply necessary patches to mitigate against potential data leakage.

Affected Version(s)

Tanium Server 7.6.4.0 < 7.6.4.2185

Tanium Server 7.7.3.0 < 7.7.3.8266

Tanium Server 7.8.2.0 < 7.8.2.1168

References

https://security.tanium.com/TAN-2026-012

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Apr 15, 2026

CVE-2026-6408 Data

JSON