CVE-2026-2630
Published: 17 February 2026
Description
A Command Injection vulnerability exists where an authenticated, remote attacker could execute arbitrary code on the underlying server where Tenable Security Center is hosted.
Mitigating Controls (NIST 800-53 r5)AI
Directly prevents command injection vulnerabilities by validating and sanitizing authenticated user inputs before they are processed by system commands.
Remediates the specific CVE-2026-2630 command injection flaw through timely identification, testing, and deployment of vendor patches.
Restricts the types, rates, and volumes of user inputs to the Tenable Security Center, reducing opportunities for command injection exploits.
Security SummaryAI
CVE-2026-2630 is a command injection vulnerability (CWE-78) in Tenable Security Center. Published on 2026-02-17, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). The flaw allows an authenticated remote attacker to execute arbitrary code on the underlying server hosting the Tenable Security Center instance.
An attacker with low privileges, such as an authenticated user, can exploit this vulnerability remotely over the network with low complexity and without requiring user interaction. Successful exploitation enables arbitrary code execution on the server, potentially leading to high impacts on confidentiality, integrity, and availability.
Tenable has issued advisory TNS-2026-06 addressing this vulnerability, available at https://www.tenable.com/security/tns-2026-06. Security practitioners should consult this advisory for details on patches and mitigation steps.
Details
- CWE(s)
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The command injection vulnerability (CWE-78) allows low-privileged authenticated remote attackers to achieve arbitrary code execution on the Tenable Security Center server, directly enabling Exploitation of Remote Services (T1210) and Exploitation for Privilege Escalation (T1068).