Skip to content

TAN-2026-013

Tanium addressed a denial of service vulnerability in Tanium Server.

Severity: Medium

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Impact

This vulnerability could allow an unauthenticated attacker with network access to the Tanium Server to craft messages to exhaust server file descriptors and memory.

Products Affected

2024H2 Release:

  • Tanium Server prior to Update 25 (v7.6.4.2190)

2025H1 Release:

  • Tanium Server prior to Update 19 (v7.7.3.8274)

2025H2 Release:

  • Tanium Server prior to Update 9 (v7.8.2.1176)

Available Updates

2024H2 Release:

  • Update 25 (Tanium Server v7.6.4.2190) and later

2025H1 Release:

  • Update 19 (Tanium Server v7.7.3.8274) and later

2025H2 Release:

  • Update 9 (Tanium Server v7.8.2.1176) and later

2026H1 Release:

  • Update 0 (Tanium Server v7.8.4.1298) and later

Workaround and Mitigations

None.

Acknowledgements

None.