CVE-2026-4760

UNKNOWN 0.0

Potential unauthorized access to files on the Web HMI server host

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he knows their paths and if these files are accessible to the Servin process execution account. * Installations based on Panorama Suite 2022-SP1 (22.50.005) are vulnerable unless update PS-2210-02-4079 (or higher) is installed * Installations based on Panorama Suite 2023 (23.00.004) are vulnerable unless updates PS-2300-03-3078 (or higher) and PS-2300-04-3078 (or higher) and PS-2300-82-3078 (or higher) are installed * Installations based on Panorama Suite 2025 (25.00.016) are vulnerable unless updates PS-2500-02-1078 (or higher) and PS-2500-04-1078 (or higher) are installed * Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are vulnerable unless updates PS-2510-02-1077 (or higher) and PS-2510-04-1077 (or higher) are installed Please refer to security bulletin BS-035, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt .

CWE	CWE-552
Vendor	codra
Product	panorama suite
Published	Mar 25, 2026
Last Updated	Mar 26, 2026

Stay Ahead of the Next One

Get instant alerts for codra panorama suite

Be the first to know when new unknown vulnerabilities affecting codra panorama suite are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

CODRA / Panorama Suite

Panorama Suite 2022-SP1 < update PS-2210-02-4079 Panorama Suite 2023 < update PS-2300-03-3078 AND PS-2300-04-3078 AND PS-2300-82-3078 Panorama Suite 2025 < update PS-2500-02-1078 AND PS-2500-04-1078 Panorama Suite 2025 Updated Dec. 25 < update PS-2510-02-1077 AND PS-2510-04-1077

References

NVD ↗ CVE.org ↗ EPSS Data ↗

my.codra.net: https://my.codra.net/api/csirt/download?resourceId=1467&fileType=FichierPDF