Detections
Analytics
CVE-2025-111876
high
Description
Tenable Identity Exposure leverages third-party software to help provide underlying functionality. Several of the third-party components (.NET Windows Server Hosting, NodeJS, Erlang OTP, SQL Server, OpenSSL, Curl) were found to contain vulnerabilities, and updated versions have been made available by the providers.Out of caution and in line with best practice, Tenable has opted to upgrade these components to address the potential impact of the issues. Tenable Identity Exposure version 3.93.5 updates .NET Windows Server Hosting to version 8.0.28.26269, NodeJS to version 20.20.2.0, Erlang OTP to version 26.2.5.21, SQL Server to version 15.0.4470.1, OpenSSL to version 4.0.1, and Curl to version 8.19.0 to address the identified vulnerabilities.Tenable Identity Exposure version v3.93.5 also resolves a vulnerability related to API endpoints returning information to unauthenticated GET requests (CVE-2026-13007). p.subtitle { display: none; } table { border-collapse: collapse; width: 100%; } th { background: #1a1a2e; color: #fff; padding: 8px 10px; text-align: left; font-size: 12px; letter-spacing: 0.04em; white-space: nowrap; } td { padding: 6px 10px; border-bottom: 1px solid #e5e7eb; vertical-align: top; } tr:hover td { background: #f5f7ff; } .cve-id { white-space: nowrap; } .vector { font-size: 11px; color: #444; word-break: break-all; } .score { font-weight: 600; white-space: nowrap; } .lozenge.critical { color: #fff; } .critical { color: #b91c1c; } .high { color: #c2410c; } .medium { color: #b45309; } .low { color: #15803d; } .badge { display: inline-block; padding: 1px 6px; border-radius: 3px; font-size: 11px; font-weight: 600; margin-right: 4px; } .badge.critical { background: #fee2e2; color: #991b1b; } .badge.high { background: #ffedd5; color: #9a3412; } .badge.medium { background: #fef9c3; color: #854d0e; } .badge.low { background: #dcfce7; color: #166534; } .cwe { font-size: 12px; } .empty { color: #aaa; } .new-row td { background: #f0fdf4; } .new-row:hover td { background: #dcfce7; } CVE IDBase ScoreTemporal ScoreCVSSv3 VectorCVSSv4 Base ScoreCVSSv4 VectorCWEMEDIUMCVE-2025-111876.15.3CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C——CWE-121: Stack-based Buffer OverflowMEDIUMCVE-2025-130345.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C——CWE-345: Insufficient Verification of Data AuthenticityMEDIUMCVE-2025-140176.35.5CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C——CWE-416: Use After FreeMEDIUMCVE-2025-145245.34.6CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2025-148195.34.6CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2025-150795.34.6CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorLOWCVE-2025-152243.12.7CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlHIGHCVE-2025-154678.87.6CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-416: Use After FreeMEDIUMCVE-2025-154685.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2025-154695.54.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlCRITICALCVE-2025-551309.17.9CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C——CWE-287: Improper AuthenticationHIGHCVE-2025-551317.16.2CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C——CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')MEDIUMCVE-2025-551325.34.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C4.8CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:NCWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2025-552477.36.3CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-269: Improper Privilege ManagementMEDIUMCVE-2025-552485.75CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorCRITICALCVE-2025-553159.98.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L/E:U/RL:O/RC:C——CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')HIGHCVE-2025-594657.56.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2025-594667.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2025-661995.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2025-681604.74.1CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2025-6941843.5CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2025-694197.46.4CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C——CWE-295: Improper Certificate ValidationHIGHCVE-2025-694207.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2025-694217.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-19656.55.7CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlMEDIUMCVE-2026-26736.55.7CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C——CWE-284: Improper Access ControlMEDIUMCVE-2026-37835.34.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-37846.55.7CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2026-38057.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-48735.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-55456.55.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlHIGHCVE-2026-57737.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-62535.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-62767.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-64295.34.6CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-70095.34.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-71685.34.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2026-73838.17CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-295: Improper Certificate ValidationHIGHCVE-2026-90767.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-130077.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:NCWE-306: Missing Authentication for Critical Function; CWE-524: Use of Cache Containing Sensitive InformationHIGHCVE-2026-212187.56.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:NCWE-284: Improper Access ControlHIGHCVE-2026-212628.87.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-284: Improper Access ControlHIGHCVE-2026-216377.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-217107.56.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-217135.95.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-217145.34.6CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionLOWCVE-2026-217153.32.9CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorLOWCVE-2026-217163.32.9CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlMEDIUMCVE-2026-217175.95.1CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-227955.54.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-227965.34.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-261307.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-261717.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-283867.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-125: Out-of-bounds ReadHIGHCVE-2026-283878.17CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-295: Improper Certificate ValidationHIGHCVE-2026-283887.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-283897.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-283907.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionCRITICALCVE-2026-317899.88.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-119: Improper Restriction of Operations within the Bounds of a Memory BufferHIGHCVE-2026-317907.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2026-321677.86.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')MEDIUMCVE-2026-321754.33.8CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlHIGHCVE-2026-321767.86.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')HIGHCVE-2026-321777.36.3CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C——CWE-269: Improper Privilege ManagementHIGHCVE-2026-321787.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2026-322037.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-331167.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-331208.87.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-822: Untrusted Pointer DereferenceHIGHCVE-2026-341807.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-341817.46.4CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C——CWE-295: Improper Certificate ValidationCRITICALCVE-2026-341829.17.9CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C——CWE-287: Improper AuthenticationHIGHCVE-2026-341837.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-3518854.4CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorHIGHCVE-2026-354337.36.3CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C——CWE-269: Improper Privilege ManagementHIGHCVE-2026-403708.87.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-73: External Control of File Name or PathHIGHCVE-2026-427647.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-427657.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-427665.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-427675.95.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionLOWCVE-2026-427683.73.2CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-427695.34.6CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorLOWCVE-2026-427703.73.2CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-427716.25.4CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionMEDIUMCVE-2026-427894.84.2CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C7CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:NCWE-295: Improper Certificate ValidationHIGHCVE-2026-427908.17CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C7.6CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:NCWE-295: Improper Certificate ValidationHIGHCVE-2026-428997.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource ConsumptionHIGHCVE-2026-454457.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C——CWE-200: Exposure of Sensitive Information to an Unauthorized ActorMEDIUMCVE-2026-454464.84.2CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C——CWE-295: Improper Certificate ValidationHIGHCVE-2026-454478.87.6CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-287: Improper AuthenticationHIGHCVE-2026-454907.86.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C——CWE-269: Improper Privilege ManagementMEDIUMCVE-2026-454915.54.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C——CWE-284: Improper Access ControlHIGHCVE-2026-455917.56.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C——CWE-400: Uncontrolled Resource Consumption Tenable has released Tenable Identity Exposure version 3.93.5 to address these issues. The installation files can be obtained from the Tenable Downloads Portal: https://www.tenable.com/downloads/identity-exposure