Vendor scorecard
Stormshield
Stormshield security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: stormshield
Product families
2
Open in latest
38
Inferred — see methodology
Last disclosure
Jul 1, 2026
01
Product categories
2 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| Network SecurityNGFW / Network Securitystormshield_network_security, network_security | 1 | 8 | 4.2.8MED | ||
| Endpoint SecurityNGFW / Network Securitystormshield_endpoint_security, endpoint_security | 0 | 30 | 35.31.22HIGH |
02
Recent CVEs
3 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-56152(opens NVD record) | Medium | 5.3 | Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view. | Jul 1, 2026 |
| CVE-2025-14963(opens NVD record) | High | 7.8 | A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver (BYOVD) was leveraged to gain access to the critical Windows process memory lsass.exe (Local Security Authority Subsystem Service). The fekern.sys is a driver file associated with the HX Agent (used in all existing HX Agent versions). The vulnerable driver installed in a product or a system running a fully functional HX Agent is, itself, not exploitable as the product’s tamper protection restricts the ability to communicate with the driver to only the Agent’s processes. | Feb 24, 2026 |
| CVE-2025-48707(opens NVD record) | High | 7.5 | An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be shared among administrators, which can cause secret sharing. | Sep 25, 2025 |
1 CVEs · 2 product families