What is CVE-2026-50255?

CVE-2026-50255 is a medium-severity vulnerability in Sony Corporation Optical Disc Archive Software For Windows, classified under Incorrect Default Permissions. CVSS score: 6.7/10. Published 2026-06-16.

How severe is CVE-2026-50255?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Sony Corporation Optical Disc Archive Software For Windows

CVE-2026-50255

Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Sony Corporation Optical Disc Archive Software For Windows — versions 5.5.3 and earlier

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References

vultures@jpcert.or.jp
vultures@jpcert.or.jp

Frequently asked questions

What is CVE-2026-50255?: CVE-2026-50255 is a medium-severity vulnerability in Sony Corporation Optical Disc Archive Software For Windows, classified under Incorrect Default Permissions. CVSS score: 6.7/10. Published 2026-06-16.
How severe is CVE-2026-50255?: Medium severity. CVSS v3 base score is 6.7 out of 10.