CVE-2026-5064 | Potential security vulnerabilities have been identified in t… | CVSS 8.5 HIGH

Description

Potential security vulnerabilities have been identified in the HP One Agent for certain HP PC products, which might allow for escalation of privilege and/or denial of service. HP is releasing software updates to mitigate these potential vulnerabilities.

Metadata

CVE ID: CVE-2026-5064
State: PUBLISHED
Assigner: hp
Reserved: 2026-03-27 20:50 UTC
Published: 2026-06-15 21:23 UTC
Last updated: 2026-06-15 21:23 UTC
Primary CWE: CWE-427
CWE-427: Uncontrolled Search Path Element
Vendor / Product: HP Inc. / HP One Agent Software
Sources: cve.org · NVD

Severity & Metrics

8.5 HIGH CVSS 4.0

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products (1)

Vendor	Product	Platform	Versions
HP Inc.	HP One Agent Software	Windows	0 < 1.3.214.7339

Weakness (CWE)

CWE	Source	Description
CWE-427	cna	CWE-427: Uncontrolled Search Path Element

CVSS scores (1)

Score	Severity	Version	Source	Vector
8.5	HIGH	4.0	cna	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References (1)

https://support.hp.com/us-en/document/ish_15146555-15146580-16/hpsbhf04060