Lucene search
K

4 matches found

NVD
NVD
added 2026/06/12 7:16 p.m.18 views

CVE-2026-50244

The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied account identifier, without validating any ownership relationship. Each call mints a new sequential device identifier and returns the current high-water...

6.9CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 6:21 p.m.19 views

CVE-2026-50244

CVE-2026-50244 affects the Naxclow IoT Platform. The registration endpoint accepts signed requests with a batch prefix and a caller-supplied account identifier without ownership validation, allowing an attacker to mint new sequential device identifiers and read the batch’s current high-water coun...

6.9CVSS5.3AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/12 6:21 p.m.9 views

EUVD-2026-36533

The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied account identifier, without validating any ownership relationship. Each call mints a new sequential device identifier and returns the current high-water...

6.9CVSS5.3AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.17 views

PT-2026-48959

The Naxclow platform exposes a registration endpoint that accepts signed requests containing a batch prefix and an arbitrary caller-supplied account identifier, without validating any ownership relationship. Each call mints a new sequential device identifier and returns the current high-water...

6.9CVSS5.3AI score0.00221EPSS
Exploits0References3
Rows per page
Query Builder