CVE-2026-40619
Affected Version Matrix 9
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Genetec Inc. | Genetec Security Center | >=5.7 SR6 <=5.10.4.0 | affected |
>5.10.4.0 | unaffected | ||
>=5.11.0.0 <=5.11.3.0 | affected | ||
>5.11.3.0 | unaffected | ||
>=5.12.0.0 <=5.12.2.0 | affected | ||
>5.12.2.0 | unaffected | ||
>=5.13.0.0 <=5.13.3.0 | affected | ||
>5.13.3.0 | unaffected | ||
| … +1 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40619
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation. This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number. Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过日志文件的信息暴露
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Genetec Inc. | Genetec Security Center | >=5.7 SR6 <=5.10.4.0 | - |
II. Public POCs for CVE-2026-40619
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40619
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-40619 (1)
IV. Related Vulnerabilities
Same weakness: CWE-532
- CVE-2026-49200
Acer Wave 7 router: Broken Access Control - CVE-2026-6720
Calicoctl leaks cluster credentials to stderr when verbose l - CVE-2026-41185
ServiceAccount token disclosure via Azure IPAM CNI plugin lo - CVE-2026-41184
ServiceAccount token disclosure via install-cni container lo - CVE-2026-32996
Veeam Agent for Microsoft Windows 安全漏洞
V. Comments for CVE-2026-40619
No comments yet