CVE-2026-22569Improper Validation of Unsafe Equivalence in Input in Client Connector

CWE-1289Improper Validation of Unsafe Equivalence in Input4 documents4 sources
Severity
5.3MEDIUMNVD
CNA5.4
EPSS
0.1%
top 75.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Zscaler Client ConnectorZscaler Client Connector
Timeline
PublishedMar 31

Description

An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traffic from being inspected under rare circumstances.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDzscaler/client_connector4.74.7.0.141+1
CVEListV5zscaler/zscaler_client_connector4.74.7.0.141+1

🔴Vulnerability Details

2
GHSA
GHSA-m6c6-h9pc-2f7x: An incorrect startup configuration of affected versions of Zscaler Client Connector on Windows may cause a limited amount of traffic from being inspec2026-03-31
CVEList
Incorrect startup configuration in ZCC2026-03-31

🕵️Threat Intelligence

1
Wiz
CVE-2026-22569 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-22569 — Zscaler Client Connector vulnerability | cvebase