← back
CVE-2026-50255

CVE-2026-50255

CVSS 5.4 MEDIUMEPSS 0.1%CWE-276
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Sony Corporation · Optical Disc Archive Software for Windows

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN79926428/https://www.sony.com/electronics/support/software/00403421