SINEC SSM Server <V4.9.0 Private Data Leakage in Metadata
CVE-2026-27661 Published on March 10, 2026
A vulnerability has been identified in SINEC Security Monitor (All versions < V4.9.0). The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on `SSM Server`.
Weakness Type
Exposure of Sensitive Information Through Metadata
The product prevents direct access to a resource containing sensitive information, but it does not sufficiently limit access to metadata that is derived from the original, sensitive information.
Products Associated with CVE-2026-27661
Want to know whenever a new CVE is published for Siemens Sinec Security Monitor? stack.watch will email you.
Affected Versions
Siemens SINEC Security Monitor:- Before V4.9.0 is affected.