Quickfire Cyber Bulletin June 5, 2026
← Back

CVE-2026-5433

Low

Description

Honeywell Control Network Module (CNM) contains command injection vulnerability in the web interface. An attacker could exploit this vulnerability via command delimiters, potentially resulting in Remote Code Execution (RCE).

Scores & Signals

CVSS 3.1 9.1 — CRITICAL
EPSS score 0.0026 (49.5th percentile)
CISA KEV No
Published 2026-05-21

Sources

External references

Risk scores are deterministic, based on public signals only. They are informational context, not a final verdict. Always consult vendor advisories before taking action.