Summary
- CVE-2026-15265 affects Tenable Agent 11.2.0, 11.1.3, and earlier releases.
- Exploitation requires high privileges, but successful abuse could cross security boundaries through the agent’s plugin directory.
- Tenable has released versions 11.2.1 and 11.1.4, with no public report of active exploitation.
Tenable has patched a critical vulnerability in its endpoint agent that could allow an attacker with substantial existing privileges to traverse the agent’s plugin directory and achieve code execution.
CVE-2026-15265 affects Tenable Agent 11.2.0 and versions 11.1.3 and earlier. Corrected releases 11.2.1 and 11.1.4 are available through the company’s download portal.
The vulnerability combines improper restriction of file paths with inadequate verification of cryptographic signatures. Tenable assigned the issue a CVSS v3 score of 9.1 and a CVSS v4 score of 9.3, reflecting possible effects across confidentiality, integrity, and availability.
Exploitation requires high privileges, so the weakness does not provide an unauthenticated external attacker with an immediate entry point into every endpoint running the agent. An intruder would first need privileged access or another means of reaching the relevant functionality.
Successful exploitation could nevertheless cross an important trust boundary. Tenable Agents run locally across workstations, servers, virtual machines, and other assets to perform authenticated vulnerability and compliance checks. On Windows they commonly operate under the local SYSTEM account, while Unix-like installations can run as root.
A weakness in the mechanism used to load or validate plugins can allow existing privileged access to be converted into execution through a trusted security component. Application-control and monitoring policies may also place greater trust in processes associated with an approved vulnerability-management product.
Tenable’s security advisory provides the affected versions and links to corrected installers. The company received the vulnerability report on 30 June, accepted it on 2 July, and published the fix and CVE on 14 July.
No exploitation in the wild has been disclosed. Limited public technical detail reduces the immediate prospect of simple replication but also gives customers little information for retrospective detection beyond version checks and monitoring of unusual agent or plugin activity.
Agent-based security tools create a concentrated software dependency because they are deliberately distributed across large portions of an estate and granted permissions that ordinary business applications do not receive. A defect in the agent can reach endpoints that otherwise share few common applications or operating roles.
Central management can support rapid remediation where each agent remains connected, healthy, and able to update. Transient laptops, isolated servers, laboratory systems, newly acquired environments, and machines that have stopped reporting can remain on older versions after the principal fleet has moved.
Organisations should use the Tenable platform to identify vulnerable releases, while independent software inventory and endpoint-management records can confirm that the corrected binaries have reached each host. Relying exclusively on the affected agent to attest to its own version leaves gaps where it is unhealthy or disconnected.
The high-privilege prerequisite also affects incident analysis. An attacker capable of exploiting the weakness may already control an administrative account, deployment service, or privileged endpoint process. Investigation should establish how that access was obtained and whether it was used against other systems.
Application-control and monitoring rules should be reviewed for unnecessary trust granted to security tooling, particularly where signed or approved agent processes can load plugins or execute content from writable paths.
Installing versions 11.2.1 or 11.1.4 removes the known weakness. Complete remediation depends on identifying inactive agents, confirming update coverage across the full estate, and examining unexplained plugin or agent activity on systems that remained exposed.




