CVE-2026-26102

HighLPE

Published: 20 February 2026

Published

20 February 2026

Modified

27 February 2026

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0002 4.8th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-26102 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Owlcyberdefense Opds-Talon. Its CVSS base score is 7.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique File System Permissions Weakness (T1044); ranked at the 4.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Threat & Defense at a Glance

What attackers do: exploitation maps to File System Permissions Weakness (T1044) and 2 other techniques. What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

AC-6 Least Privilege good match

prevent

Enforces least privilege to prevent low-privileged local attackers from manipulating critical resources due to incorrect permission assignments.

AC-3 Access Enforcement good match

prevent

Enforces approved authorizations for access to system resources, directly countering improper permissions that allow file manipulation via crafted network requests.

CM-5 Access Restrictions for Change good match

prevent

Restricts access to changes such as file manipulations to authorized roles only, mitigating unauthorized modifications enabled by incorrect permissions on critical resources.

MITRE ATT&CK Enterprise TechniquesAI

T1044 File System Permissions Weakness Persistence

Processes may automatically execute specific binaries as part of their functionality or to perform other actions.

attack.mitre.org →

T1005 Data from Local System Collection

Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

attack.mitre.org →

T1565.001 Stored Data Manipulation Impact

Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.

attack.mitre.org →

Why these techniques?

The described CWE-732 weakness directly matches T1044 (incorrect file system permissions on a critical resource). Exploitation by a local low-privileged attacker enables unauthorized local file access (T1005) and stored data manipulation (T1565.001).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

Incorrect Permission Assignment for Critical Resource in Owl opds 2.2.0.4 allows File Manipulation via a crafted network request.

Deeper analysisAI

CVE-2026-26102 is an Incorrect Permission Assignment for Critical Resource vulnerability (CWE-732) affecting Owl opds version 2.2.0.4. It enables file manipulation through a crafted network request due to improper permissions on a critical resource. The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity with significant impacts on confidentiality, integrity, and availability.

A local attacker with low privileges can exploit this vulnerability with low complexity and no user interaction required. By sending a crafted network request, the attacker can manipulate files, potentially leading to unauthorized data access, modification, or deletion on the affected system.

The primary advisory reference is available from Nozomi Networks Labs at https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2026-26102, which provides details relevant to mitigation strategies. The vulnerability was published on 2026-02-20T17:25:55.120.