CVE Catalog

CVE-2026-26142

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

High risk
1.96%

78th percentile — higher than 78% of all known CVEs

Summary

A deserialization of untrusted data vulnerability in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.

Risk Assessment

An attacker could take control of the PowerScribe system, compromising the confidentiality and integrity of medical data and disrupting healthcare operations.

Recommendation

Apply the security update provided by the vendor immediately and restrict network access to the PowerScribe system to trusted hosts only.

Original NVD description (English source)

Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS