PT-2026-50571 · Thingsboard · Thingsboard

Published

2026-06-17

Updated

2026-06-17

CVE-2026-53676

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

ThingsBoard contains a prototype pollution vulnerability which may lead to arbitrary code execution within a sandboxed context by a user who can log in to the affected product with the tenant administrator privilege (TENANT ADMIN).

Fix

Prototype Pollution

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1321

Related Identifiers

CVE-2026-53676

Affected Products

Thingsboard

PT-2026-50571 · Thingsboard · Thingsboard

CVE-2026-53676

Weakness Enumeration

Related Identifiers

Affected Products

References · 3