CVE-2026-8482
Information leak in NSRPC client history
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
02 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included)
There is a possible leak of secret information if administration commands have been passed with the CLI command line tool.
Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Affected products
Stormshield · Stormshield Network Security