Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-26053

CVSS 5.3 · Medium EPSS 0.15% · P5

Possible ATT&CK Techniques 1AI

T1078 · Valid Accounts

Affected Version Matrix 5

VendorProductVersion RangeStatus
GallagherCommand Centre Server9.10affected
9.50< vEL9.50.1587(MR1)affected
9.40< vEL9.40.3130(MR3)affected
9.30< vEL9.30.3983(MR5)affected
9.20< vEL9.20.4349(MR7)affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-26053

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Incorrect Privilege Assignment (CWE-266) vulnerability in the Command Centre Server allows an authenticated operator with limited privileges to perform some operations that they would not normally be authorized to perform. Version of Command Centre affected: 9.50 prior to vEL9.50.1587(MR1), 9.40 prior to vEL9.40.3130(MR3), 9.30 prior to vEL9.30.3983(MR5), 9.20 prior to vEL9.20.4349(MR7), all versions of 9.10.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
特权授予不正确
Source: NVD (National Vulnerability Database)
Vulnerability Title
Gallagher Command Centre Server 权限许可和访问控制问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Gallagher Command Centre Server是新西兰Gallagher公司的安全控制服务器。 Gallagher Command Centre Server存在权限许可和访问控制问题漏洞,该漏洞源于权限分配不正确,可能导致经过身份验证且权限有限的操作员执行其通常无权执行的操作。以下版本受到影响:9.50版本、vEL9.50.1587(MR1)之前版本、9.40版本、vEL9.40.3130(MR3)之前版本、9.30版本、vEL9.30.3983(MR5)之前版本、9.20版本、vEL9
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
GallagherCommand Centre Server 9.10 -

II. Public POCs for CVE-2026-26053

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-26053

登录查看更多情报信息。

Vendor Advisories for CVE-2026-26053 (1)

Same Patch Batch · Gallagher · 2026-07-07 · 3 CVEs total

CVE-2026-277902.7 LOWGallagher T-20 Readers 异常处理不当漏洞
CVE-2026-278442.7 LOWGallagher controller 6000 异常处理不当漏洞

IV. Related Vulnerabilities

V. Comments for CVE-2026-26053

No comments yet


Leave a comment