Uncontrolled Search Path Element Vulnerability in WatchGuard Agent for Windows
CVE-2026-6788

8.5HIGH

Key Information:

Vendor: Watchguard
Status: Watchguard Agent
Vendor: CVE Published:; 6 May 2026

What is CVE-2026-6788?

An Uncontrolled Search Path Element vulnerability in WatchGuard Agent allows an attacker to exploit the software through the use of malicious files. This vulnerability can lead to unauthorized code execution, impacting the integrity of the system. It specifically affects the versions of WatchGuard Agent prior to 1.25.03.0000, making it crucial for users to update to the latest version to mitigate risks.

Affected Version(s)

WatchGuard Agent Windows 0 < 1.25.03.0000

References

https://www.watchguard.com/wgrd-psirt/advisory/WGSA-2026-...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 6, 2026
Vulnerability Reserved
Apr 21, 2026

CVE-2026-6788 Data

JSON

Watchguard

What is CVE-2026-6788?

Affected Version(s)

References

CVSS V4

Timeline