
Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike and Tenable informed customers this week about potentially serious vulnerabilities found and patched in their products.

CrowdStrike published an advisory for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting its LogScale product. The flaw can allow a remote attacker to read arbitrary files from the server filesystem.

The cybersecurity giant pointed out that Next-Gen SIEM customers are not affected and the vulnerability has been mitigated for LogScale SaaS customers.

LogScale Self-hosted customers have been advised to update to a patched version.

CrowdStrike said the vulnerability was discovered internally and there is no evidence of exploitation in the wild based on a review of log data.

Tenable published two new advisories on Thursday. They describe the same high-severity vulnerability found in the company’s Nessus vulnerability scanner, specifically on Windows.

Tracked as CVE-2026-33694, the vulnerability could be exploited by an attacker via junctions to delete arbitrary files with System privileges. Exploitation could also lead to arbitrary code execution with elevated privileges.

Tenable published separate advisories for Nessus and Nessus Agent.

This article was published by Security Week. Please check their website for the original content.
