{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-6408","assignerOrgId":"3938794e-25f5-4123-a1ba-5cbd7f104512","state":"PUBLISHED","assignerShortName":"Tanium","dateReserved":"2026-04-15T21:51:17.871Z","datePublished":"2026-04-22T01:46:40.653Z","dateUpdated":"2026-04-22T12:49:39.769Z"},"containers":{"cna":{"affected":[{"product":"Tanium Server","vendor":"Tanium","versions":[{"version":"7.6.4.0","status":"affected","lessThan":"7.6.4.2185","versionType":"custom"},{"version":"7.7.3.0","status":"affected","lessThan":"7.7.3.8266","versionType":"custom"},{"version":"7.8.2.0","status":"affected","lessThan":"7.8.2.1168","versionType":"custom"}]}],"dateAssigned":"2026-04-15T21:51:17.273Z","datePublic":"2026-04-22T01:46:17.259Z","descriptions":[{"lang":"en","value":"Tanium addressed an information disclosure vulnerability in Tanium Server."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":2.7,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-522","description":"Insufficiently Protected Credentials","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"3938794e-25f5-4123-a1ba-5cbd7f104512","shortName":"Tanium","dateUpdated":"2026-04-22T01:46:40.653Z"},"references":[{"name":"TAN-2026-012","url":"https://security.tanium.com/TAN-2026-012"}],"title":"Tanium addressed an information disclosure vulnerability in Tanium Server."},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-04-22T12:48:18.544819Z","id":"CVE-2026-6408","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-04-22T12:49:39.769Z"}}]}}