CVE-2026-4116

NONE EPSS 0.14%

Apr 09, 2026

Updated Apr 09, 2026

Sonicwall

Parameter	Value
Type	CWE-176
Vendor	Sonicwall
Public PoC	No

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.

Weakness Type (CWE)

CWE-176

References 1

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

PSIRT@sonicwall.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-4114

Sonicwall

None

CVE-2026-4113

Sonicwall

None

CVE-2026-4112

Sonicwall

None

CVE-2026-3470

Sonicwall

3.8

CVE-2026-3469

Sonicwall

2.7

CVE Details

CVE ID

CVE-2026-4116

Published Date

Apr 09, 2026

Vendor

Sonicwall

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 0.14%

Likelihood of exploitation in next 30 days

Percentile: 33.8th percentile (higher than 33.8% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2026-4116

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4114

CVE-2026-4113

CVE-2026-4112

CVE-2026-3470

CVE-2026-3469

CVE Details

Editor's Choice

Menu

CVE-2026-4116

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-4114

CVE-2026-4113

CVE-2026-4112

CVE-2026-3470

CVE-2026-3469

CVE Details

Editor's Choice

Stay informed on cybersecurity