CVE-2026-40619
Affected Version Matrix 9
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Genetec Inc. | Genetec Security Center | >=5.7 SR6 <=5.10.4.0 | affected |
>5.10.4.0 | unaffected | ||
>=5.11.0.0 <=5.11.3.0 | affected | ||
>5.11.3.0 | unaffected | ||
>=5.12.0.0 <=5.12.2.0 | affected | ||
>5.12.2.0 | unaffected | ||
>=5.13.0.0 <=5.13.3.0 | affected | ||
>5.13.3.0 | unaffected | ||
| … +1 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-40619
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admin credentials. A third party hired by Genetec found the issue. There is currently no evidence of active exploitation. This vulnerability is associated with specific installation package builds rather than the product version identifier alone. Certain versions (including 5.10.4.0, 5.11.3.0, 5.12.2.0 and 5.13.3.0) were released with both vulnerable and remediated installation packages under the same version number. Consequently, version-based comparison alone is insufficient to determine exposure. Only installations performed using vulnerable builds are affected. Remediated builds can be distinguished using verified installation package hashes. For the complete list of fixed build hashes, refer to the security advisory section.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过日志文件的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Genetec Security Center 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Genetec Security Center是Genetec公司的一个统一的安全平台。将您的安全系统、传感器和数据连接在一个界面中,以简化您的操作。 Genetec Security Center存在安全漏洞,该漏洞源于特定安装包构建问题,可能导致具有本地操作系统权限的攻击者访问服务器管理员凭据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Genetec Inc. | Genetec Security Center | >=5.7 SR6 <=5.10.4.0 | - |
II. Public POCs for CVE-2026-40619
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-40619
请登录查看更多情报信息。
Vendor Advisories for CVE-2026-40619 (1)
IV. Related Vulnerabilities
Same weakness: CWE-532
- CVE-2026-9699
Mattermost Agents plugin logs unsanitized OpenAI API keys on - CVE-2026-8330
Insertion of Sensitive Information into Log File in GitLab - CVE-2026-12053
Insertion of Sensitive Information into Log File in GitLab - CVE-2026-11820
Community.general: community.general nexmo — api credentials - CVE-2026-11819
Community.general: community.general keyring_info — os keyri
V. Comments for CVE-2026-40619
No comments yet