Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
6 vulnerabilities found for Interact by Tanium
CVE-2026-2350 (GCVE-0-2026-2350)
Vulnerability from nvd – Published: 2026-02-19 23:10 – Updated: 2026-03-02 15:50
VLAI?
Title
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Summary
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Severity ?
6.5 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Date Public ?
2026-02-19 23:10
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T15:41:02.790036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T15:50:27.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.196",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.102",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*"
],
"product": "TDS",
"vendor": "Tanium",
"versions": [
{
"lessThan": "4.1.257",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-02-11T16:04:36.295Z",
"datePublic": "2026-02-19T23:10:05.500Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T23:14:23.480Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-008",
"url": "https://security.tanium.com/TAN-2026-008"
}
],
"title": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-2350",
"datePublished": "2026-02-19T23:10:33.951Z",
"dateReserved": "2026-02-11T16:04:36.872Z",
"dateUpdated": "2026-03-02T15:50:27.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15289 (GCVE-0-2025-15289)
Vulnerability from nvd – Published: 2026-02-05 18:10 – Updated: 2026-02-06 19:22
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Interact |
Affected:
3.1.0 , < 3.1.337
(custom)
Affected: 3.2.0 , < 3.2.185 (custom) Affected: 3.5.0 , < 3.5.90 (custom) cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:* |
Date Public ?
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:22:50.331215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:22:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.1.337",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.185",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:29.166Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T18:10:28.261Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-033",
"url": "https://security.tanium.com/TAN-2025-033"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15289",
"datePublished": "2026-02-05T18:10:28.261Z",
"dateReserved": "2025-12-29T23:02:29.360Z",
"dateUpdated": "2026-02-06T19:22:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15288 (GCVE-0-2025-15288)
Vulnerability from nvd – Published: 2026-01-29 20:10 – Updated: 2026-02-05 15:57
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
Date Public ?
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:31:10.582156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:31:17.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:11.893Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:57:07.320Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-034",
"url": "https://security.tanium.com/TAN-2025-034"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15288",
"datePublished": "2026-01-29T20:10:48.480Z",
"dateReserved": "2025-12-29T23:02:12.448Z",
"dateUpdated": "2026-02-05T15:57:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-2350 (GCVE-0-2026-2350)
Vulnerability from cvelistv5 – Published: 2026-02-19 23:10 – Updated: 2026-03-02 15:50
VLAI?
Title
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Summary
Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.
Severity ?
6.5 (Medium)
CWE
- CWE-532 - Insertion of Sensitive Information into Log File
Assigner
References
Impacted products
Date Public ?
2026-02-19 23:10
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-2350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-02T15:41:02.790036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-02T15:50:27.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.2.195:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.101:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.2.196",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.102",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:tanium:service_tds:4.1.256:*:*:*:*:*:*:*"
],
"product": "TDS",
"vendor": "Tanium",
"versions": [
{
"lessThan": "4.1.257",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2026-02-11T16:04:36.295Z",
"datePublic": "2026-02-19T23:10:05.500Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-19T23:14:23.480Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2026-008",
"url": "https://security.tanium.com/TAN-2026-008"
}
],
"title": "Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2026-2350",
"datePublished": "2026-02-19T23:10:33.951Z",
"dateReserved": "2026-02-11T16:04:36.872Z",
"dateUpdated": "2026-03-02T15:50:27.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15289 (GCVE-0-2025-15289)
Vulnerability from cvelistv5 – Published: 2026-02-05 18:10 – Updated: 2026-02-06 19:22
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity ?
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Tanium | Interact |
Affected:
3.1.0 , < 3.1.337
(custom)
Affected: 3.2.0 , < 3.2.185 (custom) Affected: 3.5.0 , < 3.5.90 (custom) cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:* cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:* |
Date Public ?
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-06T19:22:50.331215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-06T19:22:58.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.1.336:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.2.184:*:*:*:*:*:*:*",
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.1.337",
"status": "affected",
"version": "3.1.0",
"versionType": "custom"
},
{
"lessThan": "3.2.185",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
},
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:29.166Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T18:10:28.261Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-033",
"url": "https://security.tanium.com/TAN-2025-033"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15289",
"datePublished": "2026-02-05T18:10:28.261Z",
"dateReserved": "2025-12-29T23:02:29.360Z",
"dateUpdated": "2026-02-06T19:22:58.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15288 (GCVE-0-2025-15288)
Vulnerability from cvelistv5 – Published: 2026-01-29 20:10 – Updated: 2026-02-05 15:57
VLAI?
Title
Tanium addressed an improper access controls vulnerability in Interact.
Summary
Tanium addressed an improper access controls vulnerability in Interact.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
Date Public ?
2025-10-02 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T20:31:10.582156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T20:31:17.700Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:tanium:service_interact:3.5.89:*:*:*:*:*:*:*"
],
"product": "Interact",
"vendor": "Tanium",
"versions": [
{
"lessThan": "3.5.90",
"status": "affected",
"version": "3.5.0",
"versionType": "custom"
}
]
}
],
"dateAssigned": "2025-12-29T23:02:11.893Z",
"datePublic": "2025-10-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Tanium addressed an improper access controls vulnerability in Interact."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T15:57:07.320Z",
"orgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"shortName": "Tanium"
},
"references": [
{
"name": "TAN-2025-034",
"url": "https://security.tanium.com/TAN-2025-034"
}
],
"title": "Tanium addressed an improper access controls vulnerability in Interact."
}
},
"cveMetadata": {
"assignerOrgId": "3938794e-25f5-4123-a1ba-5cbd7f104512",
"assignerShortName": "Tanium",
"cveId": "CVE-2025-15288",
"datePublished": "2026-01-29T20:10:48.480Z",
"dateReserved": "2025-12-29T23:02:12.448Z",
"dateUpdated": "2026-02-05T15:57:07.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}