← back
CVE-2026-27653

CVE-2026-27653

CVSS 5.4 MEDIUMEPSS 0.1%CWE-276
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
27 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The installers for multiple products provided by Soliton Systems K.K. contain an issue with incorrect default permissions, which may allow arbitrary code to be executed with SYSTEM privileges.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Soliton Systems K.K. · Soliton SecureBrowser for OneGateSoliton Systems K.K. · Soliton SecureBrowser IISoliton Systems K.K. · Soliton SecureWorkspace (formerly WrappingBox)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN41357120/https://www.soliton.co.jp/support/2026/006679.html