CVE-2026-33694

Vulnerability Description

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.

Vulnerability Details

Published Date

April 23, 2026

Last Modified

April 24, 2026

CWE ID

CWE-59

Source

NVD

Vendor

Tenable, Inc.

Product

Tenable Nessus, Tenable Nessus Agent

External References

https://tenable.com/security/tns-2026-12
https://tenable.com/security/tns-2026-13

CVE-2026-33694

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment