Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.5
Tata Consultancy Services Cognix Recon Client v3.0: Unrestricted Access to Application Functions
CVE-2026-26418
Summary
The web API in Tata Consultancy Services Cognix Recon Client v3.0 does not require authentication or authorization, allowing anyone on the network to access its features without permission. This means that unauthorized users can potentially access and manipulate sensitive data or functions. Update to the latest version of the software to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| tcs | cognix_platform | 3.0 | – |
Original title
Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the...
Original description
Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network.
nvd CVSS3.1
7.5
Vulnerability type
CWE-284
Improper Access Control
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026