CVE-2026-9789 – NitroSense V3: Security Vulnerability Information

CVE ID :CVE-2026-9789

Published : May 28, 2026, 3:16 a.m. | 1 hour, 15 minutes ago

Description :A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List (ACL). This allows any authenticated local user to connect and send commands. Because the service does not check the caller’s privileges before running file deletion commands, a low-privileged local user can exploit this to delete arbitrary files with system authority.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9803 – Keycloak: keycloak: denial of service via malformed authorization header

CVE-2026-9802 – Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

CVE-2026-9801 – Keycloak: keycloak: denial of service via malformed ldap password policy response

CVE-2026-9798 – Keycloak: keycloak: brute-force protection bypass in ciba flow