CVE-2026-33694

UNKNOWN 0.0

Junction File Manipulation

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files with SYSTEM privileges. As a result, this condition potentially facilitates arbitrary code execution, whereby an attacker may exploit the vulnerability to execute malicious code with elevated SYSTEM privileges.

CWE	CWE-59
Vendor	tenable, inc.
Product	tenable nessus, tenable nessus agent
Published	Apr 23, 2026
Last Updated	Apr 23, 2026

Stay Ahead of the Next One

Get instant alerts for tenable, inc. tenable nessus, tenable nessus agent

Be the first to know when new unknown vulnerabilities affecting tenable, inc. tenable nessus, tenable nessus agent are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Tenable, Inc. / Tenable Nessus, Tenable Nessus Agent

Nessus Agent ≤ 11.1.2 Nessus ≤ 10.11.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

tenable.com: https://tenable.com/security/tns-2026-12 tenable.com: https://tenable.com/security/tns-2026-13