{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/cpes/cpe2.3asqlitesqlite3.49.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*","cpe:2.3:a:sqlite:sqlite:3.49.0:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.3,"id":"CVE-2025-15079"},{"cvss":3.1,"id":"CVE-2025-15224"},{"cvss":3.2,"id":"CVE-2025-29087"},{"cvss":5.6,"id":"CVE-2025-29088"},{"cvss":9.8,"id":"CVE-2025-3277"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Network Monitor (versions prior to 6.5.4)"],"_cs_severities":["high"],"_cs_tags":["vulnerability","dos","security-bypass"],"_cs_type":"advisory","_cs_vendors":["Tenable"],"content_html":"\u003cp\u003eTenable Network Monitor versions prior to 6.5.4 are susceptible to multiple vulnerabilities. According to Tenable\u0026rsquo;s security advisory tns-2026-14, released on May 14, 2026, these vulnerabilities can allow an attacker to perform a remote denial of service (DoS), bypass security policies, and exploit unspecified security issues. The affected software is a network monitoring tool used within organizations to observe network traffic and identify potential security threats. Successful exploitation of these vulnerabilities could lead to network outages, unauthorized access, or other security breaches.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003cp\u003eDue to lack of specific details about individual CVE exploitation, the following attack chain is generalized:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable Tenable Network Monitor instance running a version prior to 6.5.4.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious network packet or request targeting one of the vulnerabilities (CVE-2025-13034, CVE-2025-14017, CVE-2025-14524, CVE-2025-14819, CVE-2025-15079, CVE-2025-15224, CVE-2025-29087, CVE-2025-29088, CVE-2025-3277).\u003c/li\u003e\n\u003cli\u003eThe malicious packet is sent to the TNM server via network protocols (TCP/UDP).\u003c/li\u003e\n\u003cli\u003eThe TNM server processes the malformed packet, triggering the vulnerability.\u003c/li\u003e\n\u003cli\u003eDepending on the specific vulnerability, this may cause a denial-of-service condition, preventing legitimate monitoring activity.\u003c/li\u003e\n\u003cli\u003eAlternatively, it may bypass security policies, allowing unauthorized access to network data.\u003c/li\u003e\n\u003cli\u003eThe attacker may be able to execute arbitrary code on the TNM server, potentially gaining full control of the system (depending on the unspecified vulnerabilities).\u003c/li\u003e\n\u003cli\u003eThe attacker leverages compromised TNM to further compromise network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of these vulnerabilities could lead to a denial of service, preventing administrators from monitoring network traffic and detecting threats. A security policy bypass could allow unauthorized access to sensitive network data. Unspecified vulnerabilities could lead to remote code execution, granting attackers complete control over the affected system. The number of potential victims is dependent on the install base of Tenable Network Monitor, but organizations relying on TNM for network security are at risk.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Tenable Network Monitor to version 6.5.4 or later to remediate the vulnerabilities (Tenable Security Advisory tns-2026-14).\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unusual patterns or large volumes of traffic directed towards Tenable Network Monitor servers (network_connection log source).\u003c/li\u003e\n\u003cli\u003eDeploy the provided Sigma rule to detect potential exploitation attempts targeting these vulnerabilities.\u003c/li\u003e\n\u003cli\u003eReview and harden network segmentation to limit the impact of a successful compromise.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-15T12:23:29Z","date_published":"2026-05-15T12:23:29Z","id":"https://feed.craftedsignal.io/briefs/2026-05-tenable-network-monitor-vulns/","summary":"Multiple vulnerabilities in Tenable Network Monitor versions prior to 6.5.4 can lead to remote denial of service, security policy bypass, and unspecified security issues.","title":"Multiple Vulnerabilities in Tenable Network Monitor","url":"https://feed.craftedsignal.io/briefs/2026-05-tenable-network-monitor-vulns/"}],"language":"en","title":"CraftedSignal Threat Feed — Cpe:2.3:a:sqlite:sqlite:3.49.0:*:*:*:*:*:*:*","version":"https://jsonfeed.org/version/1.1"}