CVE-2026-3502 is a high-severity vulnerability (CVSS ~8.1) affecting Atlassian Confluence deployments. The issue stems from improper input validation.

TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can substitute a tampered update payload. If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

The following version affected;

• Affected at TrueConf Client versions 8.1.0 through 8.5.2

If the payload is executed or installed by the updater, this may result in arbitrary code execution in the context of the updating process or user.

Attackers exploit the vulnerability remotely via crafted HTTP requests.

Successful exploitation of CVE-2026-3502 may result in:

1. Unauthorized access to sensitive system and application files
2. Exposure of credentials, API keys, or configuration data
3. Compromise of confidential organizational information
4. Potential for remote code execution (when chained with other flaws)
5. Lateral movement within enterprise environments

Given Confluence’s role in storing internal documentation, this can lead to significant data leakage and operational risk.

CERTVU recommends the following:

1. Apply Security Updates Immediately

• Upgrade to the latest patched versions
• Ensure all Confluence instances are updated across environments

2. Restrict external Access

• Limit exposure of Confluence to the internet

3. Harden Application and system configuration

• Apply least privilege to application and file system accounts
• Disable unused features or plugins
• Restrict file system access permission