CVE-2026-26417
HIGHTCS Cognix Recon Client 3.0 - Privilege Escalation
Title source: llmDescription
A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests.
Exploits (1)
github
WRITEUP
10 stars
by XiaomingX · pythonpoc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2026/CVE-2026-26417
Scores
CVSS v3
8.1
EPSS
0.0003
EPSS Percentile
10.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-284
Status
published
Products (1)
tcs/cognix_platform
3.0
Published
Mar 05, 2026
Tracked Since
Mar 06, 2026