CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-27790: Uncaught Exception (CWE-248) in the T20 Readers allows an authenticated and authorized operator to trigger a restart by sending specific requests, resulting in a temporary denial o

lowCVSS 2.7CVE-2026-27790
Uncaught Exception (CWE-248) in the T20 Readers allows an authenticated and authorized operator to trigger a restart by sending specific requests, resulting in a temporary denial of service. Version of Command Centre affected: - 9.50 prior to vCR9.50.260616a (distributed in 9.50.1587(MR1)) - 9.40 prior to vCR9.40.260616a (distributed in 9.40.3130(MR3)) - 9.30 prior to vCR9.30.260616a (distributed in 9.30.3983(MR5)) - 9.20 prior to vCR9.20.260616a (distributed in 9.20.4349(MR7)) - all versions of 9.10 and prior.

Details

Source
NVD Recent CVEs (US · database · site)
Severity
low — CVSS 2.7
Published
2026-07-07
Last updated
2026-07-07
Exploitation
Not in CISA KEV at last sync

Original advisory: https://nvd.nist.gov/vuln/detail/CVE-2026-27790

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2026-27790coverage & exploitation statusNVD · CVE.org

Recent advisories for Uncaught Exception

A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.

More from NVD Recent CVEs