Volerion logoVolerion
Volerion logoVolerion

Tanium Connect Unauthorized Code Execution Vulnerability

Vulnerability

A vulnerability allowing unauthorized code execution has been identified in Tanium Connect. This issue affects users with the Connect Write permission, who could execute unauthorized code in the context of the Connect service on the Tanium Module Server. The vulnerability is present in Tanium Connect versions prior to Update 25 (v5.26.191) in the 2024H2 Release, prior to Update 19 (v5.29.237) in the 2025H1 Release, prior to Update 9 (v5.37.140) in the 2025H2 Release, and prior to Update 0 (v5.47.95) in the 2026H1 Release.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution on the Tanium Module Server, within the Connect service context.

Remediation

Users can update to Tanium Connect v5.26.191 or later (for 2024H2 Release), v5.29.237 or later (for 2025H1 Release), v5.37.140 or later (for 2025H2 Release), or v5.47.95 or later (for 2026H1 Release).

Added: May 28, 2026, 3:08 AM
Updated: May 28, 2026, 3:08 AM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
10.0
exploitability
5.2
remediation
0.0
relevance
9.4
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.