CVE-2026-2408
Use-After-Free Vulnerability in Tanium Cloud Workloads Enforce
Publication date: 2026-02-20
Last updated on: 2026-02-27
Assigner: Tanium
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tanium | cloud_workloads | to 1.0.222 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-2408 is a medium-severity use-after-free vulnerability found in the Tanium Cloud Workloads Enforce client extension. This vulnerability allows an attacker with local access and low privileges within a Tanium Client Container to exploit the flaw.
A use-after-free vulnerability occurs when a program continues to use memory after it has been freed, which can lead to unexpected behavior or crashes.
How can this vulnerability impact me? :
Exploiting this vulnerability can cause a denial of service (DoS) condition, meaning the affected Tanium Cloud Workloads Enforce client extension could crash or become unavailable.
The attacker needs local access to the Tanium Client Container and only low privileges to trigger this impact.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There is no specific information provided about detection methods or commands to identify this vulnerability on your network or system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate CVE-2026-2408, you should upgrade the Tanium Cloud Workloads Enforce client extension to Update 14 (v1.0.222) or later for the 2025H1 release, or to Update 5 (v1.0.222) or later for the 2025H2 release.
After upgrading, on-premises customers must redeploy the Tanium Cluster Client Container following Taniumβs documentation guidance.
Tanium Cloud customers are also required to redeploy the Tanium Cluster Client Container post-upgrade.
No workarounds or alternative mitigations are available.