NSA GRASSMARLIN — CVE-2026-6807
CISA ICS · CISA · CVE-2026-6807
ID
CVE-2026-6807
CVE-2026-6807
Date
Activity
Source
CISA ICS
CISA ICS
Vendor
CISA
CISA
Threat
medium
medium
Summary
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information. The following versions of NSA GRASSMARLIN are affected: GRASSMARLIN vers:all/* CVSS Vendor Equipment Vulnerabilities v3 5.5 NSA NSA GRASSMARLIN Improper Restriction of XML External Entity Reference Background Critical Infrastructure Sectors: Information Technology Countries/Areas Deployed:…
Product
ICS Advisory
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.