Command-Line Client Vulnerability in P4 Server by Perforce
CVE-2026-6902

7.7HIGH

Key Information:

Vendor

Perforce

Vendor
CVE Published:
18 May 2026

What is CVE-2026-6902?

A security vulnerability in the Command-Line Client of P4 Server exposes the system to potential code injection risks. Affected versions prior to 2025.2 Patch 2 of P4 Server require immediate attention as malicious actors may exploit this weakness to execute unauthorized commands or manipulate server data. It is crucial for users to upgrade to the patched version to mitigate these security threats and ensure the integrity of their systems.

Affected Version(s)

P4 (Helix Core) 0

References

CVSS V4

Score:
7.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.