TeamT5 is committed to upholding the highest security standards to ensure the integrity and functionality of our products. During recent security audits, our PSIRT team identified a vulnerability in ThreatSonar Anti-Ransomware. Details are in the paragraphs below.
The TeamT5 PSIRT team, upon discovering the vulnerability, followed the company’s Vulnerability Disclosure Policy. On March 2, 2026, they closely coordinated with TWCERT to report the vulnerability details, apply for a CVE, and carry out remediation work. Customers were also notified on March 18, 2026, to install the patch.
The vulnerabilities have been assigned CVE-2026-5966 and CVE-2026-5967.
This Notice once again strongly urges users to update immediately.
- Vulnerability Description
Fixes for a root privilege escalation vulnerability and an arbitrary file deletion vulnerability. - Affected Products
ThreatSonar Anti-Ransomware versions 4.0.0 earlier. - Recommended Solution
- For on-premises customers, please look at the links in the security update notice for the patch.
- For cloud version customers, the patch has already been applied on 2026/03/03.
We apologize for any inconvenience this may cause and appreciate your prompt attention to this matter. If you require assistance or have any questions, please do not hesitate to contact our technical support team.