CVE-2026-1292
Received Received - Intake
Sensitive Data Exposure via Log Injection in Tanium Trends

Publication date: 2026-02-20

Last updated on: 2026-02-27

Assigner: Tanium

Description
Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-20
Last Modified
2026-02-27
Generated
2026-06-16
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-14
NVD
CVE-2026-1292
EUVD
EUVD-2026-8008
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
tanium trends From 3.10.0 (inc) to 3.10.20 (exc)
tanium trends From 3.11.0 (inc) to 3.11.79 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1292 is a medium-severity vulnerability in the Tanium Trends module that involves the insertion of sensitive information into log files.

This flaw allows an attacker with access to Trends module logs to read sensitive data such as sessions and API tokens.

The vulnerability affects specific versions of Tanium Trends prior to certain updates in the 2024H2, 2025H1, and 2025H2 releases.

Impact Analysis

An attacker who can access the Trends module logs may be able to obtain sensitive information such as session details and API tokens.

This could lead to unauthorized access to the system or services that use these tokens, potentially compromising security.

For Tanium On-prem users, this requires additional mitigations such as rotating service account credentials and reviewing logs for exposed tokens.

For Tanium Cloud users, rotating all API tokens is recommended to mitigate the impact.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves the insertion of sensitive information such as sessions and API tokens into Tanium Trends module log files. Detection involves reviewing the Trends logs for any logged API tokens or sensitive session data.

Specifically, you should examine the Trends logs to identify if any sensitive information has been recorded. Commands or tools to search log files for API tokens or session data can be used, such as using grep or similar text search utilities on the log files.

Mitigation Strategies

Immediate mitigation steps include upgrading the Tanium Trends module to a fixed version: Update 20 (v3.10.20) or later for 2024H2, Update 13 (v3.11.79) or later for 2025H1, and Update 3 (v3.11.79) or later for 2025H2.

  • Rotate Trends service account credentials.
  • Stop the Tanium Server service for at least 10 minutes to invalidate sessions (both servers concurrently in active-active deployments).
  • Review Trends logs for any logged API tokens and rotate those tokens if found.

For Tanium Cloud users, rotate all API tokens.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1292. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart