Is Threatsonar Anti Ransomware affected by CVE-2026-5966?

CVE-2026-5966 in ThreatSonar Anti-Ransomware allows authenticated users with low-level access to delete arbitrary files, potentially disabling the organization's ransomware defense layer.

Threatsonar Anti Ransomware CVE-2026-5966

EUVD-2026-23799 HIGH

Relative Path Traversal (CWE-23)

2026-04-20 twcert

GHSA-544v-v93w-x43g

Path Traversal Threatsonar Anti Ransomware

7.2

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Updated

Apr 20, 2026 - 08:29 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 20, 2026 - 08:22 vuln.today

cvss_changed

CVSS changed

Apr 20, 2026 - 08:22 NVD

8.1 (HIGH) 7.2 (HIGH)

Analysis Generated

Apr 20, 2026 - 07:57 vuln.today

DescriptionNVD

ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete arbitrary files on the system.

AnalysisAI

Path traversal in TeamT5 ThreatSonar Anti-Ransomware versions ≤4.0.0 allows authenticated remote attackers with web access to delete arbitrary system files, potentially disabling security protections or causing system instability. With CVSS 7.2 (High Integrity and Availability impact), this poses significant risk to security infrastructure despite requiring authentication. …

RemediationAI

Within 24 hours: Inventory all ThreatSonar Anti-Ransomware deployments and document current versions; restrict low-privilege user access to the ThreatSonar web interface using network segmentation or access controls. Within 7 days: Contact vendor for available interim versions, security updates, or compensating control guidance; implement application-level request filtering to block path traversal patterns (../, encoded variants) at the web interface. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-5966 vulnerability details – vuln.today

Back

Threatsonar Anti Ransomware CVE-2026-5966

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Threatsonar Anti Ransomware CVE-2026-5966

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code