CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-29092

Kiteworks is a private data network (PDN). Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally expires. Upgrade Kiteworks to version 9.2.1 or later to receive a patch.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.2%

CVSS Severity

CVSS v3 Score 4.9

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-92w7-fpjr-wpxc

Products affected by CVE-2026-29092

Accellion » Kiteworks » Version: 7.3.0

cpe:2.3:a:accellion:kiteworks:7.3.0
Accellion » Kiteworks » Version: 7.3.1

cpe:2.3:a:accellion:kiteworks:7.3.1
Accellion » Kiteworks » Version: 7.3.2

cpe:2.3:a:accellion:kiteworks:7.3.2
Accellion » Kiteworks » Version: 7.4.0

cpe:2.3:a:accellion:kiteworks:7.4.0
Accellion » Kiteworks » Version: 9.1.0

cpe:2.3:a:accellion:kiteworks:9.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-29092

Products

Pricing

Contact Us