cbcvebase.
CVE-2026-26142
published 2026-06-09

CVE-2026-26142: Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.

PriorityP268critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.91%
77.3th percentile
Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.

Affected

44 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360
microsoftnuance_powerscribe_360_4.0>= 4.0 < 7.0.11.497.0.11.49
microsoftnuance_powerscribe_360_version_4.0.1>= 4.0.1 < 7.0.111.687.0.111.68
microsoftnuance_powerscribe_360_version_4.0.2>= 4.0.2 < 7.0.154.187.0.154.18
microsoftnuance_powerscribe_360_version_4.0.3>= 4.0.3 < 7.0.197.107.0.197.10
microsoftnuance_powerscribe_360_version_4.0.4>= 4.0.4 < 7.0.212.107.0.212.10
microsoftnuance_powerscribe_360_version_4.0.5>= 4.0.5 < 7.0.243.197.0.243.19
microsoftnuance_powerscribe_360_version_4.0.6>= 4.0.6 < 7.0.277.287.0.277.28
microsoftnuance_powerscribe_360_version_4.0.7>= 4.0.7 < 7.0.316.127.0.316.12
microsoftnuance_powerscribe_360_version_4.0.8>= 4.0.8 < 7.0.427.157.0.427.15
microsoftnuance_powerscribe_360_version_4.0.9>= 4.0.9 < 7.0.528.247.0.528.24
microsoftnuance_powerscribe_one
microsoftnuance_powerscribe_one
microsoftnuance_powerscribe_one
microsoftnuance_powerscribe_one
microsoftnuance_powerscribe_one
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.